Updated the framework with additional test suites
Signed-off-by: Gowtham Siddarth <gowtham.siddarth@arm.com>
diff --git a/api-tests/README.md b/api-tests/README.md
index 4b2c1f5..5dc2ac4 100644
--- a/api-tests/README.md
+++ b/api-tests/README.md
@@ -19,6 +19,16 @@
### PSA Developer APIs
The test suite for this specification is located in the dev_apis directory of this repository. See [PSA Developer APIs Readme](dev_apis/README.md) file for more details.
+## Release Update
+ - Release Version - 0.7
+ - Code Quality: Pre-Beta. Please use this opportunity to suggest enhancements and point out errors.
+ - Current release contains following Developer APIs tests:
+ 1. **Crypto tests** that are written for the crypto service APIs defined in the [crypto.h](../api-specs/include/crypto.h)
+ 2. **Protected Storage tests** that are written for the protected storage service APIs defined in the [protected_storage.h](../api-specs/include/protected_storage.h)
+ 3. **Internal Trusted Storage tests** that are written for the internal trusted storage service APIs defined in the [internal_trusted_storage.h](../api-specs/include/internal_trusted_storage.h)
+ - Current release contains following PSA-FF tests:
+ 1. **IPC tests** that are written for version 1.0-Beta-0 of the PSA FF specification.
+
## License
Arm PSA test suite is distributed under Apache v2.0 License.
@@ -33,4 +43,4 @@
--------------
-*Copyright (c) 2018, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2018-2019, Arm Limited and Contributors. All rights reserved.*
diff --git a/api-tests/dev_apis/README.md b/api-tests/dev_apis/README.md
index 7663793..4ada39e 100644
--- a/api-tests/dev_apis/README.md
+++ b/api-tests/dev_apis/README.md
@@ -13,16 +13,9 @@
The Architecture Test Suite contains the tests that are self-checking, portable C-based tests with directed stimulus.
-The tests are available as open source. The tests and the corresponding abstraction layers are available with an Apache v2.0 license allowing for external contribution.
+The tests are available as open source. The tests and the corresponding abstraction layers are available with an Apache v2.0 license allowing for external contribution. This test suite is not a substitute for design verification. To review the test logs, Arm licensees can contact Arm directly through their partner managers.
-For more information on Architecture Test Suite specification, refer the [Validation Methodology](../docs/Arm_PSA_FF_Arch_Test_Validation_Methodology.pdf) document.
-
-## Release Update
- - Release Version - 0.5
- - Code Quality - Alpha. This indicates the suite is in development and it contains tests which have not been validated on any platform. Please use this opportunity to suggest enhancements and point out errors.
- - Current release contains **Crypto tests** that are written for the crypto service APIs defined in the [crypto.h](../../api-specs/include/crypto.h)
- - This test suite is not a substitute for design verification.
- - To review the test logs, Arm licensees can contact Arm directly through their partner managers.
+For more information on Architecture Test Suite specification, refer the [Validation Methodology](../docs/Arm_PSA_APIs_Arch_Test_Validation_Methodology.pdf) document.
## Tests Scenarios
@@ -39,7 +32,7 @@
### Porting steps
-Refer to the [Porting Guide](../docs/porting_guide.md) document for porting steps.
+Refer to the [PSA Developer APIs Test Suite Porting Guide](../docs/porting_guide_dev_apis.md) document for porting steps.
### Build steps
@@ -54,15 +47,15 @@
- <platform_name> is the same as the name of the target specific directory created in the platform/targets/ directory. <br />
- <cpu_architecture_version> is the Arm Architecture version name for which test binaries should be compiled. For example, Armv7M, Armv8M-Baseline and Armv8M-Mainline Architecture. <br />
- <suite_name> is the suite name and it is same as the suite name available in test_suites/ directory. <br />
-- <include_path> is an additional directory to be included into compiler search path. **Note** - To run crypto tests, include path must point to path where "psa/crypto.h" is located in your build system.<br />
+- <include_path> is an additional directory to be included into compiler search path. Note- You must provide Developer APIs header file implementation to Test Suite build system using this option. For example - To compiler Crypto tests, include path must point to path where "psa/crypto.h" is located in your build system.<br />
- <build_dir> is an output directory to keep build files.
Refer ./tools/scripts/setup.sh --help to know more about options.
-*To compile crypto tests for fvp_mps2_cm4_mbedos platform*
+*To compile crypto tests for tgt_dev_apis_mbedos_fvp_mps2_m4 platform*
```
cd api-tests
-./tools/scripts/setup.sh --target fvp_mps2_cm4_mbedos --cpu_arch armv7m --suite crypto --build BUILD_CRYPTO --include <include_path>
+./tools/scripts/setup.sh --target tgt_dev_apis_mbedos_fvp_mps2_m4 --cpu_arch armv7m --suite crypto --build BUILD_CRYPTO --include <include_path>
```
### Build output
@@ -100,5 +93,5 @@
--------------
-*Copyright (c) 2018, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2018-2019, Arm Limited and Contributors. All rights reserved.*
diff --git a/api-tests/dev_apis/crypto/test_c001/test_c001.c b/api-tests/dev_apis/crypto/test_c001/test_c001.c
index 834f442..0b334fc 100644
--- a/api-tests/dev_apis/crypto/test_c001/test_c001.c
+++ b/api-tests/dev_apis/crypto/test_c001/test_c001.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,14 +15,8 @@
* limitations under the License.
**/
-#ifdef NONSECURE_TEST_BUILD
#include "val_interfaces.h"
#include "val_target.h"
-#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
-#endif
-
#include "test_c001.h"
client_test_t test_c001_crypto_list[] = {
@@ -36,49 +30,44 @@
int32_t psa_generate_random_without_init_test(security_t caller)
{
uint8_t output[GENERATE_SIZE];
+ int32_t status;
- val->print(PRINT_TEST, "[Check1] Test calling crypto functions before psa_crypto_init \n", 0);
+ val->print(PRINT_TEST, "[Check 1] Test calling crypto functions before psa_crypto_init\n", 0);
/* Generate random bytes */
- if (val->crypto_function(VAL_CRYPTO_GENERATE_RANDOM, output, GENERATE_SIZE) == PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "The crypto function should have failed but succeeded\n", 0);
- return VAL_STATUS_CRYPTO_FAILURE;
- }
+ status = val->crypto_function(VAL_CRYPTO_GENERATE_RANDOM, output, GENERATE_SIZE);
+ if (status == PSA_SUCCESS)
+ return RESULT_SKIP(VAL_STATUS_INIT_ALREADY_DONE);
+ else
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(1));
return VAL_STATUS_SUCCESS;
}
int32_t psa_crypto_init_test(security_t caller)
{
- int32_t status = VAL_STATUS_SUCCESS;
+ int32_t status;
- val->print(PRINT_TEST, "[Check2] Test psa_crypto_init\n", status);
+ val->print(PRINT_TEST, "[Check 2] Test psa_crypto_init\n", 0);
/* Initialize the PSA crypto library*/
- if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "Crypto init failed\n", 0);
- status = VAL_STATUS_INIT_FAILED;
- }
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
- return status;
+ return VAL_STATUS_SUCCESS;
}
int32_t multiple_psa_crypto_init_test(security_t caller)
{
- int32_t i, status = VAL_STATUS_SUCCESS;
+ int32_t i, status;
- val->print(PRINT_TEST, "[Check3] Test multiple psa_crypto_init \n", 0);
+ val->print(PRINT_TEST, "[Check 3] Test multiple psa_crypto_init \n", 0);
for (i = 0; i < 5; i++)
{
/* Initialize the PSA crypto library*/
- if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
- {
- status = VAL_STATUS_INIT_FAILED;
- return status;
- }
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
}
- return status;
+ return VAL_STATUS_SUCCESS;
}
diff --git a/api-tests/dev_apis/crypto/test_c001/test_c001.h b/api-tests/dev_apis/crypto/test_c001/test_c001.h
index e23ee76..02a8c6b 100644
--- a/api-tests/dev_apis/crypto/test_c001/test_c001.h
+++ b/api-tests/dev_apis/crypto/test_c001/test_c001.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,7 +18,6 @@
#define _TEST_C001_CLIENT_TESTS_H_
#include "val_crypto.h"
-
#define test_entry CONCAT(test_entry_,c001)
#define val CONCAT(val,test_entry)
#define psa CONCAT(psa,test_entry)
diff --git a/api-tests/dev_apis/crypto/test_c002/test_c002.c b/api-tests/dev_apis/crypto/test_c002/test_c002.c
index df4de84..8e1f0c1 100644
--- a/api-tests/dev_apis/crypto/test_c002/test_c002.c
+++ b/api-tests/dev_apis/crypto/test_c002/test_c002.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,14 +15,8 @@
* limitations under the License.
**/
-#ifdef NONSECURE_TEST_BUILD
#include "val_interfaces.h"
#include "val_target.h"
-#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
-#endif
-
#include "test_c002.h"
#include "test_data.h"
#include "val_crypto.h"
@@ -34,37 +28,38 @@
NULL,
};
-int g_test_count;
+static int g_test_count = 1;
int32_t psa_import_key_test(security_t caller)
{
- int32_t status = VAL_STATUS_SUCCESS;
- uint32_t length, i, j;
+ uint32_t length, i;
uint8_t data[BUFFER_SIZE];
uint8_t *key_data;
psa_key_policy_t policy;
psa_key_type_t key_type;
size_t bits;
int num_checks = sizeof(check1)/sizeof(check1[0]);
-
- g_test_count = 1;
+ int32_t status;
/* Initialize the PSA crypto library*/
- if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
- {
- return VAL_STATUS_INIT_FAILED;
- }
-
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
/* Set the key data buffer to the input base on algorithm */
for (i = 0; i < num_checks; i++)
{
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
{
if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
@@ -100,80 +95,46 @@
val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
check1[i].key_alg);
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
/* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_slot, &policy);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA set key policy failed\n", 0);
- return status;
- }
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle, &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_slot, check1[i].key_type,
- key_data, check1[i].key_length);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA import key failed\n", 0);
- return status;
- }
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
+ check1[i].key_type, key_data, check1[i].key_length);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(5));
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ continue;
/* Get basic metadata about a key */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check1[i].key_slot,
- &key_type, &bits);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA get key information failed\n", 0);
- return status;
- }
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check1[i].key_handle,
+ &key_type, &bits);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
- if (key_type != check1[i].key_type)
- {
- val->print(PRINT_ERROR, "\tPSA mismatch key type\n", 0);
- return status;
- }
+ TEST_ASSERT_EQUAL(key_type, check1[i].key_type, TEST_CHECKPOINT_NUM(7));
- if (bits != check1[i].expected_bit_length)
- {
- val->print(PRINT_ERROR, "\tStored key length mismatch\n", 0);
- return VAL_STATUS_INVALID_SIZE;
- }
+ TEST_ASSERT_EQUAL(bits, check1[i].expected_bit_length, TEST_CHECKPOINT_NUM(8));
/* Export a key in binary format */
- status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, check1[i].key_slot, data,
- BUFFER_SIZE, &length);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA export key failed\n", 0);
- return status;
- }
+ status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, check1[i].key_handle, data,
+ BUFFER_SIZE, &length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
- if (length != check1[i].expected_key_length)
- {
- val->print(PRINT_ERROR, "\tKey length mismatch\n", 0);
- return VAL_STATUS_INVALID_SIZE;
- }
+ TEST_ASSERT_EQUAL(length, check1[i].expected_key_length, TEST_CHECKPOINT_NUM(10));
- if (val->crypto_key_type_is_raw(check1[i].key_type))
+ if (PSA_KEY_TYPE_IS_UNSTRUCTURED(check1[i].key_type))
{
- for (j = 0; j < length; j++)
- {
- if (check1[i].key_data[j] != data[j])
- {
- val->print(PRINT_ERROR, "\tKey data mismatch\n", 0);
- return VAL_STATUS_DATA_MISMATCH;
- }
- }
+ TEST_ASSERT_MEMCMP(data, check1[i].key_data, length, TEST_CHECKPOINT_NUM(11));
}
else if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type) || PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
{
- for (j = 0; j < length; j++)
- {
- if (key_data[j] != data[j])
- {
- val->print(PRINT_ERROR, "\tKey data mismatch\n", 0);
- return VAL_STATUS_DATA_MISMATCH;
- }
- }
+ TEST_ASSERT_MEMCMP(key_data, data, length, TEST_CHECKPOINT_NUM(12));
}
else
{
@@ -186,21 +147,28 @@
int32_t psa_import_key_negative_test(security_t caller)
{
- int32_t status = VAL_STATUS_SUCCESS;
int num_checks = sizeof(check2)/sizeof(check2[0]);
- uint32_t i;
+ int32_t i, status;
psa_key_policy_t policy;
+ psa_key_handle_t invalid_key_handle = 0xdead;
/* Initialize the PSA crypto library*/
- if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
- {
- return VAL_STATUS_INIT_FAILED;
- }
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
for (i = 0; i < num_checks; i++)
{
- val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
- val->print(PRINT_TEST, check2[i].test_desc, 0);
+ val->print(PRINT_TEST, "[Check %d] Test psa_import_key with already occupied key slot\n",
+ g_test_count++);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check2[i].key_type,
+ check2[i].key_length, &check2[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Initialize a key policy structure to a default that forbids all
* usage of the key
@@ -212,13 +180,39 @@
check2[i].key_alg);
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check2[i].key_slot, check2[i].key_type,
- check2[i].key_data, check2[i].key_length);
- if (check2[i].expected_status != status)
- {
- val->print(PRINT_ERROR, "\tPSA import key should have failed but succeeded\n", 0);
- return VAL_STATUS_ERROR;
- }
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check2[i].key_handle,
+ check2[i].key_type, check2[i].key_data, check2[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Import the key data into the occupied key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check2[i].key_handle,
+ check2[i].key_type, check2[i].key_data, check2[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_OCCUPIED_SLOT, TEST_CHECKPOINT_NUM(5));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_import_key with zero as key handle\n",
+ g_test_count++);
+ /* Import the key data with zero as key handle */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, 0, check2[i].key_type,
+ check2[i].key_data, check2[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(6));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_import_key with destroyed handle\n",
+ g_test_count++);
+ /* Destroy the handle */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check2[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+
+ /* Import the key data with destroyed handle */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check2[i].key_handle,
+ check2[i].key_type, check2[i].key_data, check2[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(8));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_import_key with unallocated key handle\n",
+ g_test_count++);
+ /* Import the key data with unallocated key handle */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, invalid_key_handle, check2[i].key_type,
+ check2[i].key_data, check2[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(6));
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c002/test_c002.h b/api-tests/dev_apis/crypto/test_c002/test_c002.h
index 5411e27..4081d29 100644
--- a/api-tests/dev_apis/crypto/test_c002/test_c002.h
+++ b/api-tests/dev_apis/crypto/test_c002/test_c002.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,7 +18,6 @@
#define _TEST_C002_CLIENT_TESTS_H_
#include "val_crypto.h"
-
#define test_entry CONCAT(test_entry_,c002)
#define val CONCAT(val,test_entry)
#define psa CONCAT(psa,test_entry)
diff --git a/api-tests/dev_apis/crypto/test_c002/test_data.h b/api-tests/dev_apis/crypto/test_c002/test_data.h
index 5492463..ca75960 100644
--- a/api-tests/dev_apis/crypto/test_c002/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c002/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -19,7 +19,7 @@
typedef struct {
char test_desc[75];
- psa_key_slot_t key_slot;
+ psa_key_handle_t key_handle;
psa_key_type_t key_type;
uint8_t key_data[34];
uint32_t key_length;
@@ -30,10 +30,10 @@
psa_status_t expected_status;
} test_data;
-uint8_t rsa_384_keypair[1];
-uint8_t rsa_384_keydata[1];
+static uint8_t rsa_384_keypair[1];
+static uint8_t rsa_384_keydata[1];
-uint8_t rsa_256_keypair[] = {
+static uint8_t rsa_256_keypair[] = {
0x30, 0x82, 0x04, 0xA5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC0,
0x95, 0x08, 0xE1, 0x57, 0x41, 0xF2, 0x71, 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27,
0x01, 0x65, 0xC6, 0x45, 0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, 0x2F,
@@ -127,7 +127,7 @@
0x5F, 0xA8, 0xBF, 0x19, 0x32, 0xA1, 0xF5, 0xDC, 0x03, 0xE6, 0x7C, 0x9A, 0x1F,
0x0C, 0x7C, 0xA9, 0xB0, 0x0E, 0x21, 0x37, 0x3B, 0xF1, 0xB0};
-uint8_t rsa_256_keydata[] = {
+static uint8_t rsa_256_keydata[] = {
0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A,
0x02, 0x82, 0x01, 0x01, 0x00, 0xDB, 0x1C, 0x7F, 0x2E, 0x0B, 0xCD, 0xBF, 0xCE, 0xD1,
@@ -150,7 +150,7 @@
0x0F, 0x71, 0x2D, 0xD2, 0x08, 0x10, 0x1B, 0xAD, 0x44, 0x41, 0xE0, 0xFE, 0x79, 0xA0,
0x63, 0x93, 0x8A, 0xB1, 0x5D, 0xE9, 0xB0, 0xEE, 0x6F, 0x02, 0x03, 0x01, 0x00, 0x01};
-uint8_t ec_keydata[] = {
+static uint8_t ec_keydata[] = {
0x30, 0x49, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06,
0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x01, 0x03, 0x32, 0x00, 0x04, 0xBC,
0x79, 0x7D, 0xB3, 0xAE, 0x7F, 0x08, 0xEC, 0x3D, 0x49, 0x6B, 0x4F, 0xB4, 0x11, 0xB3,
@@ -158,7 +158,7 @@
0xEC, 0x8B, 0x1A, 0x7B, 0xF2, 0x4B, 0xE9, 0x29, 0x51, 0xCC, 0x5B, 0xA1, 0xBE, 0xBB,
0x24, 0x74, 0x90, 0x9A, 0xE0};
-uint8_t ec_keypair[] = {
+static uint8_t ec_keypair[] = {
0x30, 0x5F, 0x02, 0x01, 0x01, 0x04, 0x18, 0x33, 0x8E, 0x86, 0xA8, 0x81, 0xE2, 0x38,
0xF5, 0x49, 0xBD, 0x6F, 0x05, 0x53, 0x49, 0x4B, 0x73, 0xE3, 0xD6, 0x11, 0x30, 0xFD,
0xC6, 0xC9, 0x6D, 0xA0, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01,
@@ -167,18 +167,18 @@
0xB7, 0x76, 0xC6, 0x74, 0xF7, 0xC6, 0xF3, 0x54, 0xB7, 0xD2, 0x24, 0x06, 0x2C, 0x1F,
0x68, 0x54, 0xB5, 0xA7, 0xAF, 0x0F, 0xE5, 0x78, 0xEA, 0xF2, 0x58, 0xF0, 0x27};
-test_data check1[] = {
+static test_data check1[] = {
{"Test psa_import_key 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
},
{"Test psa_import_key 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9},
- AES_24B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ AES_24B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_SUCCESS
},
@@ -186,7 +186,7 @@
{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
- AES_32B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ AES_32B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(AES_32B_KEY_SIZE), AES_32B_KEY_SIZE, PSA_SUCCESS
},
@@ -204,14 +204,14 @@
{"Test psa_import_key with DES 64 bit key\n", 6, PSA_KEY_TYPE_DES,
{0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
- DES_8B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ DES_8B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(DES_8B_KEY_SIZE), DES_8B_KEY_SIZE, PSA_SUCCESS
},
{"Test psa_import_key with Triple DES 2-Key\n", 7, PSA_KEY_TYPE_DES,
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
- DES3_2KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ DES3_2KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(DES3_2KEY_SIZE), DES3_2KEY_SIZE, PSA_SUCCESS
},
@@ -219,7 +219,7 @@
{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
- DES3_3KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ DES3_3KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(DES3_3KEY_SIZE), DES3_3KEY_SIZE, PSA_SUCCESS
},
@@ -236,50 +236,36 @@
97, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
192, 97, PSA_SUCCESS
},
-};
-
-test_data check2[] = {
{"Test psa_import_key with key data greater than the algorithm size\n", 11, PSA_KEY_TYPE_AES,
{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9, 0x05, 0xC9, 0xED,
0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
- AES_34B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ AES_34B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(AES_34B_KEY_SIZE), AES_34B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
},
{"Test psa_import_key with incorrect key data size\n", 12, PSA_KEY_TYPE_AES,
{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
0x40, 0xAC, 0xA3, 0x90},
-AES_18B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+AES_18B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(AES_18B_KEY_SIZE), AES_18B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
},
{"Test psa_import_key with incorrect key type\n", 13, PSA_KEY_TYPE_VENDOR_FLAG,
{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9},
-AES_24B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+AES_24B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_ERROR_NOT_SUPPORTED,
},
+};
-{"Test psa_import_key with already occupied key slot\n", 1, PSA_KEY_TYPE_AES,
+static test_data check2[] = {
+{"Test psa_import_key negative cases\n", 1, PSA_KEY_TYPE_AES,
{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
0x5F, 0xC9},
-AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_OCCUPIED_SLOT
},
-{"Test psa_import_key with invalid key slot\n", INVALID_KEY_SLOT, PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
-AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
-BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
-},
-
-{"Test psa_import_key with zero key slot\n", ZERO_KEY_SLOT, PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
-AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
-BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
-},
};
diff --git a/api-tests/dev_apis/crypto/test_c003/test_c003.c b/api-tests/dev_apis/crypto/test_c003/test_c003.c
index 661391b..4d9121a 100644
--- a/api-tests/dev_apis/crypto/test_c003/test_c003.c
+++ b/api-tests/dev_apis/crypto/test_c003/test_c003.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,14 +15,8 @@
* limitations under the License.
**/
-#ifdef NONSECURE_TEST_BUILD
#include "val_interfaces.h"
#include "val_target.h"
-#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
-#endif
-
#include "test_c003.h"
#include "test_data.h"
@@ -33,35 +27,38 @@
NULL,
};
-int g_test_count;
+static int g_test_count = 1;
+static uint8_t data[BUFFER_SIZE];
int32_t psa_export_key_test(security_t caller)
{
- int32_t status = VAL_STATUS_SUCCESS;
- uint32_t length, i, j;
- uint8_t data[BUFFER_SIZE];
+ uint32_t length, i;
uint8_t *key_data;
psa_key_policy_t policy;
psa_key_type_t key_type;
size_t bits;
int num_checks = sizeof(check1)/sizeof(check1[0]);
-
- g_test_count = 1;
+ int32_t status;
/* Initialize the PSA crypto library*/
- if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
- {
- return VAL_STATUS_INIT_FAILED;
- }
-
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
/* Set the key data buffer to the input base on algorithm */
for (i = 0; i < num_checks; i++)
{
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
{
if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
@@ -96,87 +93,48 @@
/* Set the standard fields of a policy structure */
val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
check1[i].key_alg);
- val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
- val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_slot, &policy);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA set key policy failed\n", 0);
- return status;
- }
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle, &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_slot, check1[i].key_type,
- key_data, check1[i].key_length);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA import key failed\n", 0);
- return status;
- }
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
+ check1[i].key_type, key_data, check1[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
/* Get basic metadata about a key */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check1[i].key_slot,
- &key_type, &bits);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA get key information failed\n", 0);
- return status;
- }
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check1[i].key_handle,
+ &key_type, &bits);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
- if (key_type != check1[i].key_type)
- {
- val->print(PRINT_ERROR, "\tPSA mismatch key type\n", 0);
- return status;
- }
+ TEST_ASSERT_EQUAL(key_type, check1[i].key_type, TEST_CHECKPOINT_NUM(7));
- if (bits != check1[i].expected_bit_length)
- {
- val->print(PRINT_ERROR, "\tStored key length mismatch\n", 0);
- return VAL_STATUS_INVALID_SIZE;
- }
+ TEST_ASSERT_EQUAL(bits, check1[i].expected_bit_length, TEST_CHECKPOINT_NUM(8));
/* Export a key in binary format */
- status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, check1[i].key_slot, data,
- BUFFER_SIZE, &length);
- if (status != check1[i].expected_status)
- {
- val->print(PRINT_ERROR, "\tPSA export key failed\n", 0);
- return VAL_STATUS_INVALID;
- }
+ status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, check1[i].key_handle, data,
+ check1[i].buffer_size, &length);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(9));
if (check1[i].expected_status != PSA_SUCCESS)
continue;
- if (length != check1[i].expected_key_length)
- {
- val->print(PRINT_ERROR, "\tKey length mismatch\n", 0);
- return VAL_STATUS_INVALID_SIZE;
- }
+ TEST_ASSERT_EQUAL(length, check1[i].expected_key_length, TEST_CHECKPOINT_NUM(10));
/* Check if original key data matches with the exported data */
- if (val->crypto_key_type_is_raw(check1[i].key_type))
+ if (PSA_KEY_TYPE_IS_UNSTRUCTURED(check1[i].key_type))
{
- for (j = 0; j < length; j++)
- {
- if (check1[i].key_data[j] != data[j])
- {
- val->print(PRINT_ERROR, "\tKey data mismatch\n", 0);
- return VAL_STATUS_DATA_MISMATCH;
- }
- }
+ TEST_ASSERT_MEMCMP(check1[i].key_data, data, length, TEST_CHECKPOINT_NUM(11));
}
else if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type) || PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
{
- for (j = 0; j < length; j++)
- {
- if (key_data[j] != data[j])
- {
- val->print(PRINT_ERROR, "\tKey data mismatch\n", 0);
- return VAL_STATUS_DATA_MISMATCH;
- }
- }
+ TEST_ASSERT_MEMCMP(key_data, data, length, TEST_CHECKPOINT_NUM(12));
}
else
{
@@ -189,30 +147,76 @@
int32_t psa_export_key_negative_test(security_t caller)
{
- int32_t status = VAL_STATUS_SUCCESS;
- int num_checks = sizeof(check2)/sizeof(check2[0]);
- uint32_t i, length;
- uint8_t data[BUFFER_SIZE];
+ int num_checks = sizeof(check2)/sizeof(check2[0]);
+ uint32_t i, length;
+ int32_t status;
+ psa_key_policy_t policy;
/* Initialize the PSA crypto library*/
- if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
- {
- return VAL_STATUS_INIT_FAILED;
- }
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
for (i = 0; i < num_checks; i++)
{
- val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
- val->print(PRINT_TEST, check2[i].test_desc, 0);
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_export_key with unallocated key handle\n",
+ g_test_count++);
+ /* Export a key in binary format */
+ status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, check2[i].key_handle, data,
+ check2[i].key_length, &length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_export_key with empty key handle\n",
+ g_test_count++);
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check2[i].key_type,
+ check2[i].key_length, &check2[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
/* Export a key in binary format */
- status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, check2[i].key_slot, data,
- check2[i].key_length, &length);
- if (check2[i].expected_status != status)
- {
- val->print(PRINT_ERROR, "\tPSA export key should have failed but succeeded\n", 0);
- return VAL_STATUS_ERROR;
- }
+ status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, check2[i].key_handle, data,
+ check2[i].key_length, &length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_EMPTY_SLOT, TEST_CHECKPOINT_NUM(5));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_export_key with zero as key handle\n",
+ g_test_count++);
+ /* Export a key in binary format */
+ status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, 0, data,
+ check2[i].key_length, &length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(6));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_export_key with destroyed key handle\n",
+ g_test_count++);
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
+ check2[i].key_alg);
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle, &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check2[i].key_handle,
+ check2[i].key_type, check2[i].key_data, check2[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+
+ /* Destroy the key handle */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check2[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+
+ /* Export a key in binary format */
+ status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, check2[i].key_handle, data,
+ check2[i].key_length, &length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(10));
}
+
return VAL_STATUS_SUCCESS;
}
diff --git a/api-tests/dev_apis/crypto/test_c003/test_c003.h b/api-tests/dev_apis/crypto/test_c003/test_c003.h
index 3ff620e..4d8a4d6 100644
--- a/api-tests/dev_apis/crypto/test_c003/test_c003.h
+++ b/api-tests/dev_apis/crypto/test_c003/test_c003.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,7 +18,6 @@
#define _TEST_C003_CLIENT_TESTS_H_
#include "val_crypto.h"
-
#define test_entry CONCAT(test_entry_,c003)
#define val CONCAT(val,test_entry)
#define psa CONCAT(psa,test_entry)
diff --git a/api-tests/dev_apis/crypto/test_c003/test_data.h b/api-tests/dev_apis/crypto/test_c003/test_data.h
index a560c63..a53b1c5 100644
--- a/api-tests/dev_apis/crypto/test_c003/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c003/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -21,20 +21,21 @@
typedef struct {
char test_desc[75];
- psa_key_slot_t key_slot;
+ psa_key_handle_t key_handle;
psa_key_type_t key_type;
uint8_t key_data[34];
uint32_t key_length;
psa_key_usage_t usage;
psa_algorithm_t key_alg;
+ size_t buffer_size;
uint32_t expected_bit_length;
uint32_t expected_key_length;
psa_status_t expected_status;
} test_data;
-uint8_t rsa_384_keypair[1];
-uint8_t rsa_384_keydata[1];
-uint8_t rsa_256_keypair[] = {
+static uint8_t rsa_384_keypair[1];
+static uint8_t rsa_384_keydata[1];
+static uint8_t rsa_256_keypair[] = {
0x30, 0x82, 0x04, 0xA5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC0,
0x95, 0x08, 0xE1, 0x57, 0x41, 0xF2, 0x71, 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27,
0x01, 0x65, 0xC6, 0x45, 0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, 0x2F,
@@ -128,7 +129,7 @@
0x5F, 0xA8, 0xBF, 0x19, 0x32, 0xA1, 0xF5, 0xDC, 0x03, 0xE6, 0x7C, 0x9A, 0x1F,
0x0C, 0x7C, 0xA9, 0xB0, 0x0E, 0x21, 0x37, 0x3B, 0xF1, 0xB0};
-uint8_t rsa_256_keydata[] = {
+static uint8_t rsa_256_keydata[] = {
0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A,
0x02, 0x82, 0x01, 0x01, 0x00, 0xDB, 0x1C, 0x7F, 0x2E, 0x0B, 0xCD, 0xBF, 0xCE, 0xD1,
@@ -151,7 +152,7 @@
0x0F, 0x71, 0x2D, 0xD2, 0x08, 0x10, 0x1B, 0xAD, 0x44, 0x41, 0xE0, 0xFE, 0x79, 0xA0,
0x63, 0x93, 0x8A, 0xB1, 0x5D, 0xE9, 0xB0, 0xEE, 0x6F, 0x02, 0x03, 0x01, 0x00, 0x01};
-uint8_t ec_keydata[] = {
+static uint8_t ec_keydata[] = {
0x30, 0x49, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06,
0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x01, 0x03, 0x32, 0x00, 0x04, 0xBC,
0x79, 0x7D, 0xB3, 0xAE, 0x7F, 0x08, 0xEC, 0x3D, 0x49, 0x6B, 0x4F, 0xB4, 0x11, 0xB3,
@@ -159,7 +160,7 @@
0xEC, 0x8B, 0x1A, 0x7B, 0xF2, 0x4B, 0xE9, 0x29, 0x51, 0xCC, 0x5B, 0xA1, 0xBE, 0xBB,
0x24, 0x74, 0x90, 0x9A, 0xE0};
-uint8_t ec_keypair[] = {
+static uint8_t ec_keypair[] = {
0x30, 0x5F, 0x02, 0x01, 0x01, 0x04, 0x18, 0x33, 0x8E, 0x86, 0xA8, 0x81, 0xE2, 0x38,
0xF5, 0x49, 0xBD, 0x6F, 0x05, 0x53, 0x49, 0x4B, 0x73, 0xE3, 0xD6, 0x11, 0x30, 0xFD,
0xC6, 0xC9, 0x6D, 0xA0, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01,
@@ -168,18 +169,18 @@
0xB7, 0x76, 0xC6, 0x74, 0xF7, 0xC6, 0xF3, 0x54, 0xB7, 0xD2, 0x24, 0x06, 0x2C, 0x1F,
0x68, 0x54, 0xB5, 0xA7, 0xAF, 0x0F, 0xE5, 0x78, 0xEA, 0xF2, 0x58, 0xF0, 0x27};
-test_data check1[] = {
+static test_data check1[] = {
{"Test psa_export_key 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
},
{"Test psa_export_key 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9},
- AES_24B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ AES_24B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_SUCCESS
},
@@ -187,32 +188,32 @@
{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
- AES_32B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ AES_32B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
BYTES_TO_BITS(AES_32B_KEY_SIZE), AES_32B_KEY_SIZE, PSA_SUCCESS
},
{"Test psa_export_key 2048 RSA public key\n", 4, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
{0},
- 294, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ 294, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, BUFFER_SIZE,
2048, 294, PSA_SUCCESS
},
{"Test psa_export_key with RSA 2048 keypair\n", 5, PSA_KEY_TYPE_RSA_KEYPAIR,
{0},
- 1193, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ 1193, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, BUFFER_SIZE,
2048, 1193, PSA_SUCCESS
},
{"Test psa_export_key with DES 64 bit key\n", 6, PSA_KEY_TYPE_DES,
{0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
- DES_8B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ DES_8B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
BYTES_TO_BITS(DES_8B_KEY_SIZE), DES_8B_KEY_SIZE, PSA_SUCCESS
},
{"Test psa_export_key with Triple DES 2-Key\n", 7, PSA_KEY_TYPE_DES,
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
- DES3_2KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ DES3_2KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
BYTES_TO_BITS(DES3_2KEY_SIZE), DES3_2KEY_SIZE, PSA_SUCCESS
},
@@ -220,55 +221,44 @@
{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
- DES3_3KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ DES3_3KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
BYTES_TO_BITS(DES3_3KEY_SIZE), DES3_3KEY_SIZE, PSA_SUCCESS
},
{"Test psa_export_key with EC Public key\n", 9,
PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | PSA_ECC_CURVE_SECP192R1,
{0},
- 75, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ 75, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION, BUFFER_SIZE,
192, 75, PSA_SUCCESS
},
{"Test psa_export_key with EC keypair\n", 10,
PSA_KEY_TYPE_ECC_KEYPAIR_BASE | PSA_ECC_CURVE_SECP192R1,
{0},
- 97, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ 97, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION, BUFFER_SIZE,
192, 97, PSA_SUCCESS
},
{"Test psa_export_key with key policy verify\n", 11, PSA_KEY_TYPE_AES,
{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_VERIFY, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_VERIFY, PSA_ALG_CTR, BUFFER_SIZE,
BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_NOT_PERMITTED
},
+
+{"Test psa_export_key with less buffer size\n", 12, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, 14,
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_BUFFER_TOO_SMALL
+},
};
-
-test_data check2[] = {
-{"Test psa_export_key with invalid key slot\n", INVALID_KEY_SLOT, PSA_KEY_TYPE_AES,
-{0},
-AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
-BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
-},
-
-{"Test psa_export_key with zero key slot\n", ZERO_KEY_SLOT, PSA_KEY_TYPE_AES,
-{0},
-AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
-BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
-},
-
-{"Test psa_export_key with less buffer size\n", 1, PSA_KEY_TYPE_AES,
-{0},
-14, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
-BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_BUFFER_TOO_SMALL
-},
-
-{"Test psa_export_key with empty key slot\n", EMPTY_KEY_SLOT, PSA_KEY_TYPE_AES,
-{0},
-AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
-BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_EMPTY_SLOT
+static test_data check2[] = {
+{"Test psa_export_key negative case\n", 13, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
},
};
diff --git a/api-tests/dev_apis/crypto/test_c004/test_c004.c b/api-tests/dev_apis/crypto/test_c004/test_c004.c
index 66c6839..257b37d 100644
--- a/api-tests/dev_apis/crypto/test_c004/test_c004.c
+++ b/api-tests/dev_apis/crypto/test_c004/test_c004.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,53 +15,50 @@
* limitations under the License.
**/
-#ifdef NONSECURE_TEST_BUILD
#include "val_interfaces.h"
#include "val_target.h"
-#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
-#endif
-
#include "test_c004.h"
#include "test_data.h"
client_test_t test_c004_crypto_list[] = {
NULL,
test_psa_export_public_key,
- test_psa_export_public_key_slot,
+ test_psa_export_public_key_handle,
NULL,
};
-int g_test_count;
+static int g_test_count = 1;
+static uint8_t data[BUFFER_SIZE];
int32_t test_psa_export_public_key(security_t caller)
{
- int32_t status = VAL_STATUS_SUCCESS;
- uint32_t length, i, j;
- uint8_t data[BUFFER_SIZE];
+ uint32_t length, i;
uint8_t *key_data;
psa_key_policy_t policy;
psa_key_type_t key_type;
size_t bits;
int num_checks = sizeof(check1)/sizeof(check1[0]);
-
- g_test_count = 1;
+ int32_t status;
/* Initialize the PSA crypto library*/
- if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
- {
- return VAL_STATUS_INIT_FAILED;
- }
-
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
/* Set the key data buffer to the input base on algorithm */
for (i = 0; i < num_checks; i++)
{
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
{
if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
@@ -96,76 +93,44 @@
/* Set the standard fields of a policy structure */
val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
check1[i].key_alg);
- val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
- val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_slot, &policy);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA set key policy failed\n", 0);
- return status;
- }
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle, &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_slot, check1[i].key_type,
- key_data, check1[i].key_length);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA import key failed\n", 0);
- return status;
- }
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
+ check1[i].key_type, key_data, check1[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
/* Get basic metadata about a key */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check1[i].key_slot,
- &key_type, &bits);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA get key information failed\n", 0);
- return status;
- }
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check1[i].key_handle,
+ &key_type, &bits);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
- if (key_type != check1[i].key_type)
- {
- val->print(PRINT_ERROR, "\tPSA mismatch key type\n", 0);
- return status;
- }
+ TEST_ASSERT_EQUAL(key_type, check1[i].key_type, TEST_CHECKPOINT_NUM(7));
- if (bits != check1[i].expected_bit_length)
- {
- val->print(PRINT_ERROR, "\tStored key length mismatch\n", 0);
- return VAL_STATUS_INVALID_SIZE;
- }
+ TEST_ASSERT_EQUAL(bits, check1[i].expected_bit_length, TEST_CHECKPOINT_NUM(8));
/* Export a key in binary format */
- status = val->crypto_function(VAL_CRYPTO_EXPORT_PUBLIC_KEY, check1[i].key_slot, data,
- BUFFER_SIZE, &length);
- if (status != check1[i].expected_status)
- {
- val->print(PRINT_ERROR, "\tPSA export public key failed\n", 0);
- return VAL_STATUS_INVALID;
- }
+ status = val->crypto_function(VAL_CRYPTO_EXPORT_PUBLIC_KEY, check1[i].key_handle, data,
+ check1[i].buffer_size, &length);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(9));
if (check1[i].expected_status != PSA_SUCCESS)
continue;
- if (length != check1[i].expected_key_length)
- {
- val->print(PRINT_ERROR, "\tKey length mismatch\n", 0);
- return VAL_STATUS_INVALID_SIZE;
- }
+ TEST_ASSERT_EQUAL(length, check1[i].expected_key_length, TEST_CHECKPOINT_NUM(10));
/* Check if original key data matches with the exported data */
- if (val->crypto_key_type_is_raw(check1[i].key_type))
+ if (PSA_KEY_TYPE_IS_UNSTRUCTURED(check1[i].key_type))
{
- for (j = 0; j < length; j++)
- {
- if (check1[i].key_data[j] != data[j])
- {
- val->print(PRINT_ERROR, "\tKey data mismatch\n", 0);
- return VAL_STATUS_DATA_MISMATCH;
- }
- }
+ TEST_ASSERT_MEMCMP(check1[i].key_data, data, length, TEST_CHECKPOINT_NUM(11));
}
else if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type) || PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
{
@@ -174,14 +139,7 @@
else if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
key_data = expected_ec_pubprv;
- for (j = 0; j < length; j++)
- {
- if (key_data[j] != data[j])
- {
- val->print(PRINT_ERROR, "\tKey data mismatch\n", 0);
- return VAL_STATUS_DATA_MISMATCH;
- }
- }
+ TEST_ASSERT_MEMCMP(key_data, data, length, TEST_CHECKPOINT_NUM(12));
}
else
{
@@ -193,33 +151,109 @@
}
-int32_t test_psa_export_public_key_slot(security_t caller)
+int32_t test_psa_export_public_key_handle(security_t caller)
{
- int32_t status = VAL_STATUS_SUCCESS;
- int num_checks = sizeof(check2)/sizeof(check2[0]);
- uint32_t i, length;
- uint8_t data[BUFFER_SIZE];
+ int num_checks = sizeof(check2)/sizeof(check2[0]);
+ uint32_t i, length;
+ int32_t status;
+ uint8_t *key_data;
+ psa_key_policy_t policy;
/* Initialize the PSA crypto library*/
- if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
- {
- return VAL_STATUS_INIT_FAILED;
- }
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
for (i = 0; i < num_checks; i++)
{
- val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
- val->print(PRINT_TEST, check2[i].test_desc, 0);
+ val->print(PRINT_TEST, "[Check %d] Test psa_export_key with unallocated key handle\n",
+ g_test_count++);
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
/* Export a key in binary format */
- status = val->crypto_function(VAL_CRYPTO_EXPORT_PUBLIC_KEY, check2[i].key_slot, data,
- check2[i].key_length, &length);
- if (check2[i].expected_status != status)
+ status = val->crypto_function(VAL_CRYPTO_EXPORT_PUBLIC_KEY, check2[i].key_handle, data,
+ check2[i].key_length, &length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_export_key with empty key handle\n",
+ g_test_count++);
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check2[i].key_type,
+ check2[i].key_length, &check2[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Export a key in binary format */
+ status = val->crypto_function(VAL_CRYPTO_EXPORT_PUBLIC_KEY, check2[i].key_handle, data,
+ check2[i].key_length, &length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_EMPTY_SLOT, TEST_CHECKPOINT_NUM(5));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_export_key with zero as key handle\n",
+ g_test_count++);
+ status = val->crypto_function(VAL_CRYPTO_EXPORT_PUBLIC_KEY, 0, data,
+ check2[i].key_length, &length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(6));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_export_key with destroyed key handle\n",
+ g_test_count++);
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
+ check2[i].key_alg);
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle, &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+
+ if (PSA_KEY_TYPE_IS_RSA(check2[i].key_type))
{
- val->print(PRINT_ERROR, "\tPSA export publickey should have failed but succeeded\n", 0);
- return VAL_STATUS_ERROR;
+ if (check2[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
+ {
+ if (check2[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keypair;
+ else if (check2[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keypair;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ else
+ {
+ if (check2[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keydata;
+ else if (check2[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keydata;
+ else
+ return VAL_STATUS_INVALID;
+ }
}
+ else if (PSA_KEY_TYPE_IS_ECC(check2[i].key_type))
+ {
+ if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check2[i].key_type))
+ key_data = ec_keypair;
+ else
+ key_data = ec_keydata;
+ }
+ else
+ key_data = check2[i].key_data;
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check2[i].key_handle,
+ check2[i].key_type, key_data, check2[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+
+ /* Destroy the key handle */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check2[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+
+ /* Export a key in binary format */
+ status = val->crypto_function(VAL_CRYPTO_EXPORT_PUBLIC_KEY, check2[i].key_handle, data,
+ check2[i].key_length, &length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(10));
}
+
return VAL_STATUS_SUCCESS;
}
-
diff --git a/api-tests/dev_apis/crypto/test_c004/test_c004.h b/api-tests/dev_apis/crypto/test_c004/test_c004.h
index c74d436..c24ec82 100644
--- a/api-tests/dev_apis/crypto/test_c004/test_c004.h
+++ b/api-tests/dev_apis/crypto/test_c004/test_c004.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,7 +18,6 @@
#define _TEST_C004_CLIENT_TESTS_H_
#include "val_crypto.h"
-
#define test_entry CONCAT(test_entry_,c004)
#define val CONCAT(val,test_entry)
#define psa CONCAT(psa,test_entry)
@@ -28,5 +27,5 @@
extern client_test_t test_c004_crypto_list[];
int32_t test_psa_export_public_key(security_t caller);
-int32_t test_psa_export_public_key_slot(security_t caller);
+int32_t test_psa_export_public_key_handle(security_t caller);
#endif /* _TEST_C004_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c004/test_data.h b/api-tests/dev_apis/crypto/test_c004/test_data.h
index b446350..bb8eebe 100644
--- a/api-tests/dev_apis/crypto/test_c004/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c004/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -17,24 +17,23 @@
#include "val_crypto.h"
-#define EMPTY_KEY_SLOT 31
-
typedef struct {
char test_desc[75];
- psa_key_slot_t key_slot;
+ psa_key_handle_t key_handle;
psa_key_type_t key_type;
uint8_t key_data[34];
uint32_t key_length;
psa_key_usage_t usage;
psa_algorithm_t key_alg;
+ size_t buffer_size;
uint32_t expected_bit_length;
uint32_t expected_key_length;
psa_status_t expected_status;
} test_data;
-uint8_t rsa_384_keypair[1];
-uint8_t rsa_384_keydata[1];
-uint8_t expected_rsa_256_pubprv[] = {
+static uint8_t rsa_384_keypair[1];
+static uint8_t rsa_384_keydata[1];
+static uint8_t expected_rsa_256_pubprv[] = {
0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7,
0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82,
0x01, 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC0, 0x95, 0x08, 0xE1, 0x57, 0x41,
@@ -59,7 +58,7 @@
0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61, 0x83, 0xC5, 0xD2, 0x96, 0xDF, 0xD9, 0xD0,
0x4F, 0xAD, 0xD7, 0x02, 0x03, 0x01, 0x00, 0x01};
-uint8_t expected_ec_pubprv[] = {
+static uint8_t expected_ec_pubprv[] = {
0x30, 0x49, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01,
0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x01, 0x03, 0x32, 0x00,
0x04, 0x51, 0x75, 0xBC, 0xDF, 0x30, 0xA3, 0x70, 0xF3, 0x9D, 0x53, 0x93, 0xE6,
@@ -67,7 +66,7 @@
0xF7, 0xC6, 0xF3, 0x54, 0xB7, 0xD2, 0x24, 0x06, 0x2C, 0x1F, 0x68, 0x54, 0xB5,
0xA7, 0xAF, 0x0F, 0xE5, 0x78, 0xEA, 0xF2, 0x58, 0xF0, 0x27};
-uint8_t rsa_256_keypair[] = {
+static uint8_t rsa_256_keypair[] = {
0x30, 0x82, 0x04, 0xA5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC0,
0x95, 0x08, 0xE1, 0x57, 0x41, 0xF2, 0x71, 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27,
0x01, 0x65, 0xC6, 0x45, 0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, 0x2F,
@@ -161,7 +160,7 @@
0x5F, 0xA8, 0xBF, 0x19, 0x32, 0xA1, 0xF5, 0xDC, 0x03, 0xE6, 0x7C, 0x9A, 0x1F,
0x0C, 0x7C, 0xA9, 0xB0, 0x0E, 0x21, 0x37, 0x3B, 0xF1, 0xB0};
-uint8_t rsa_256_keydata[] = {
+static uint8_t rsa_256_keydata[] = {
0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A,
0x02, 0x82, 0x01, 0x01, 0x00, 0xDB, 0x1C, 0x7F, 0x2E, 0x0B, 0xCD, 0xBF, 0xCE, 0xD1,
@@ -184,7 +183,7 @@
0x0F, 0x71, 0x2D, 0xD2, 0x08, 0x10, 0x1B, 0xAD, 0x44, 0x41, 0xE0, 0xFE, 0x79, 0xA0,
0x63, 0x93, 0x8A, 0xB1, 0x5D, 0xE9, 0xB0, 0xEE, 0x6F, 0x02, 0x03, 0x01, 0x00, 0x01};
-uint8_t ec_keydata[] = {
+static uint8_t ec_keydata[] = {
0x30, 0x49, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06,
0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x01, 0x03, 0x32, 0x00, 0x04, 0xBC,
0x79, 0x7D, 0xB3, 0xAE, 0x7F, 0x08, 0xEC, 0x3D, 0x49, 0x6B, 0x4F, 0xB4, 0x11, 0xB3,
@@ -192,7 +191,7 @@
0xEC, 0x8B, 0x1A, 0x7B, 0xF2, 0x4B, 0xE9, 0x29, 0x51, 0xCC, 0x5B, 0xA1, 0xBE, 0xBB,
0x24, 0x74, 0x90, 0x9A, 0xE0};
-uint8_t ec_keypair[] = {
+static uint8_t ec_keypair[] = {
0x30, 0x5F, 0x02, 0x01, 0x01, 0x04, 0x18, 0x33, 0x8E, 0x86, 0xA8, 0x81, 0xE2, 0x38,
0xF5, 0x49, 0xBD, 0x6F, 0x05, 0x53, 0x49, 0x4B, 0x73, 0xE3, 0xD6, 0x11, 0x30, 0xFD,
0xC6, 0xC9, 0x6D, 0xA0, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01,
@@ -201,18 +200,18 @@
0xB7, 0x76, 0xC6, 0x74, 0xF7, 0xC6, 0xF3, 0x54, 0xB7, 0xD2, 0x24, 0x06, 0x2C, 0x1F,
0x68, 0x54, 0xB5, 0xA7, 0xAF, 0x0F, 0xE5, 0x78, 0xEA, 0xF2, 0x58, 0xF0, 0x27};
-test_data check1[] = {
+static test_data check1[] = {
{"Test psa_export_public_key 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
},
{"Test psa_export_public_key 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9},
- AES_24B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ AES_24B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
},
@@ -220,32 +219,32 @@
{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
- AES_32B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ AES_32B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
BYTES_TO_BITS(AES_32B_KEY_SIZE), AES_32B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
},
{"Test psa_export_public_key 2048 RSA public key\n", 4, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
{0},
- 294, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ 294, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, BUFFER_SIZE,
2048, 294, PSA_SUCCESS
},
{"Test psa_export_public_key with RSA 2048 keypair\n", 5, PSA_KEY_TYPE_RSA_KEYPAIR,
{0},
- 1193, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ 1193, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, BUFFER_SIZE,
2048, 294, PSA_SUCCESS
},
{"Test psa_export_public_key with DES 64 bit key\n", 6, PSA_KEY_TYPE_DES,
{0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
- DES_8B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ DES_8B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
BYTES_TO_BITS(DES_8B_KEY_SIZE), DES_8B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
},
{"Test psa_export_public_key with Triple DES 2-Key\n", 7, PSA_KEY_TYPE_DES,
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
- DES3_2KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ DES3_2KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
BYTES_TO_BITS(DES3_2KEY_SIZE), DES3_2KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
},
@@ -253,57 +252,42 @@
{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
- DES3_3KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ DES3_3KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, BUFFER_SIZE,
BYTES_TO_BITS(DES3_3KEY_SIZE), DES3_3KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
},
{"Test psa_export_public_key with EC Public key\n", 9,
PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | PSA_ECC_CURVE_SECP192R1,
{0},
- 75, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ 75, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION, BUFFER_SIZE,
192, 75, PSA_SUCCESS
},
{"Test psa_export_public_key with EC keypair\n", 10,
PSA_KEY_TYPE_ECC_KEYPAIR_BASE | PSA_ECC_CURVE_SECP192R1,
{0},
- 97, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ 97, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION, BUFFER_SIZE,
192, 75, PSA_SUCCESS
},
{"Test psa_export_public_key with invalid key usage policy\n", 11,
PSA_KEY_TYPE_ECC_KEYPAIR_BASE | PSA_ECC_CURVE_SECP192R1,
{0},
- 97, PSA_KEY_USAGE_VERIFY, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ 97, PSA_KEY_USAGE_VERIFY, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION, BUFFER_SIZE,
192, 75, PSA_SUCCESS
},
-};
-
-
-test_data check2[] = {
-{"Test psa_export_public_key with invalid keyslot\n", INVALID_KEY_SLOT, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+{"Test psa_export_public_key with less buffer size\n", 12, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
{0},
-AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
-BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
-},
-
-{"Test psa_export_public_key with zero key slot\n", ZERO_KEY_SLOT, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
-{0},
-294, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
-2048, 294, PSA_ERROR_INVALID_ARGUMENT
-},
-
-{"Test psa_export_public_key with less buffer size\n", 4, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
-{0},
-200, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+294, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, 200,
2048, 294, PSA_ERROR_BUFFER_TOO_SMALL
},
+};
-{"Test psa_export_public_key with empty key slot\n", EMPTY_KEY_SLOT, PSA_KEY_TYPE_AES,
-{0},
-AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
-BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_EMPTY_SLOT
+static test_data check2[] = {
+{"Test psa_export_public_key negative case\n", 13, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+ {0},
+ 294, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, BUFFER_SIZE,
+ 2048, 294, PSA_SUCCESS
},
-
};
diff --git a/api-tests/dev_apis/crypto/test_c005/test_c005.c b/api-tests/dev_apis/crypto/test_c005/test_c005.c
index 83f01af..1d50315 100644
--- a/api-tests/dev_apis/crypto/test_c005/test_c005.c
+++ b/api-tests/dev_apis/crypto/test_c005/test_c005.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,14 +15,8 @@
* limitations under the License.
**/
-#ifdef NONSECURE_TEST_BUILD
#include "val_interfaces.h"
#include "val_target.h"
-#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
-#endif
-
#include "test_c005.h"
#include "test_data.h"
@@ -33,34 +27,37 @@
NULL,
};
-int g_test_count;
+static int g_test_count = 1;
int32_t psa_destroy_key_test(security_t caller)
{
- int32_t status = VAL_STATUS_SUCCESS;
uint32_t i;
uint8_t *key_data;
psa_key_policy_t policy;
psa_key_type_t key_type;
size_t bits;
int num_checks = sizeof(check1)/sizeof(check1[0]);
-
- g_test_count = 1;
+ int32_t status;
/* Initialize the PSA crypto library*/
- if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
- {
- return VAL_STATUS_INIT_FAILED;
- }
-
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
/* Set the key data buffer to the input base on algorithm */
for (i = 0; i < num_checks; i++)
{
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
{
if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
@@ -95,76 +92,43 @@
/* Set the standard fields of a policy structure */
val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
check1[i].key_alg);
- val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
- val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_slot, &policy);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA set key policy failed\n", 0);
- return status;
- }
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle, &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_slot, check1[i].key_type,
- key_data, check1[i].key_length);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA import key failed\n", 0);
- return status;
- }
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
+ check1[i].key_type, key_data, check1[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
/* Get basic metadata about a key */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check1[i].key_slot,
- &key_type, &bits);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA get key information failed\n", 0);
- return status;
- }
+ TEST_ASSERT_EQUAL(val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check1[i].key_handle,
+ &key_type, &bits),
+ PSA_SUCCESS,
+ TEST_CHECKPOINT_NUM(6));
- if (key_type != check1[i].key_type)
- {
- val->print(PRINT_ERROR, "\tPSA mismatch key type\n", 0);
- return status;
- }
+ TEST_ASSERT_EQUAL(key_type, check1[i].key_type, TEST_CHECKPOINT_NUM(7));
- if (bits != check1[i].expected_bit_length)
- {
- val->print(PRINT_ERROR, "\tStored key length mismatch\n", 0);
- return VAL_STATUS_INVALID_SIZE;
- }
+ TEST_ASSERT_EQUAL(bits, check1[i].expected_bit_length, TEST_CHECKPOINT_NUM(8));
/* Destroy a key and restore the slot to its default state */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_slot);
- if (status != check1[i].expected_status)
- {
- val->print(PRINT_ERROR, "\tPSA destroy key failed\n", 0);
- return status;
- }
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(9));
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check1[i].key_slot,
- &key_type, &bits);
- if (status == PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA get key info succeeded but should have failed\n", 0);
- return VAL_STATUS_ERROR;
- }
+ /* Get basic metadata about a key */
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check1[i].key_handle,
+ &key_type, &bits);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(10));
/* Check that if the key metadata are destroyed */
- if (key_type == check1[i].key_type)
- {
- val->print(PRINT_ERROR, "\tPSA key meta data not destroyed\n", 0);
- return VAL_STATUS_ERROR;
- }
-
- if (check1[i].expected_bit_length == bits)
- {
- val->print(PRINT_ERROR, "\tPSA key meta data not destroyed\n", 0);
- return status;
- }
-
+ TEST_ASSERT_NOT_EQUAL(key_type, check1[i].key_type, TEST_CHECKPOINT_NUM(11));
+ TEST_ASSERT_NOT_EQUAL(bits, check1[i].expected_bit_length, TEST_CHECKPOINT_NUM(12));
}
return VAL_STATUS_SUCCESS;
@@ -172,28 +136,46 @@
int32_t psa_destroy_invalid_key_test(security_t caller)
{
- int32_t status = VAL_STATUS_SUCCESS;
int num_checks = sizeof(check2)/sizeof(check2[0]);
- uint32_t i;
+ int32_t i, status;
/* Initialize the PSA crypto library*/
- if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
- {
- return VAL_STATUS_INIT_FAILED;
- }
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
for (i = 0; i < num_checks; i++)
{
- val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
- val->print(PRINT_TEST, check2[i].test_desc, 0);
+ val->print(PRINT_TEST, "[Check %d] Test psa_destroy_key with unallocated key handle\n",
+ g_test_count++);
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
/* Destroy a key and restore the slot to its default state */
- status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check2[i].key_slot);
- if (check2[i].expected_status != status)
- {
- val->print(PRINT_ERROR, "\tPSA destroy key should have failed but succeeded\n", 0);
- return VAL_STATUS_ERROR;
- }
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check2[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_destroy_key with zero as key handle\n",
+ g_test_count++);
+ /* Destroy a key and restore the slot to its default state */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, 0);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check2[i].key_type,
+ check2[i].key_length, &check2[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_destroy_key with empty key handle\n",
+ g_test_count++);
+ /* Destroy a key and restore the slot to its default state */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check2[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ /* Destroy a key and restore the slot to its default state */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check2[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(7));
}
+
return VAL_STATUS_SUCCESS;
}
diff --git a/api-tests/dev_apis/crypto/test_c005/test_c005.h b/api-tests/dev_apis/crypto/test_c005/test_c005.h
index f5a508b..d191aed 100644
--- a/api-tests/dev_apis/crypto/test_c005/test_c005.h
+++ b/api-tests/dev_apis/crypto/test_c005/test_c005.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,7 +18,6 @@
#define _TEST_C005_CLIENT_TESTS_H_
#include "val_crypto.h"
-
#define test_entry CONCAT(test_entry_,c005)
#define val CONCAT(val,test_entry)
#define psa CONCAT(psa,test_entry)
diff --git a/api-tests/dev_apis/crypto/test_c005/test_data.h b/api-tests/dev_apis/crypto/test_c005/test_data.h
index 37f7e1f..5d87aab 100644
--- a/api-tests/dev_apis/crypto/test_c005/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c005/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -21,7 +21,7 @@
typedef struct {
char test_desc[75];
- psa_key_slot_t key_slot;
+ psa_key_handle_t key_handle;
psa_key_type_t key_type;
uint8_t key_data[34];
uint32_t key_length;
@@ -32,9 +32,9 @@
psa_status_t expected_status;
} test_data;
-uint8_t rsa_384_keypair[1];
-uint8_t rsa_384_keydata[1];
-uint8_t rsa_256_keypair[] = {
+static uint8_t rsa_384_keypair[1];
+static uint8_t rsa_384_keydata[1];
+static uint8_t rsa_256_keypair[] = {
0x30, 0x82, 0x04, 0xA5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC0,
0x95, 0x08, 0xE1, 0x57, 0x41, 0xF2, 0x71, 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27,
0x01, 0x65, 0xC6, 0x45, 0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, 0x2F,
@@ -128,7 +128,7 @@
0x5F, 0xA8, 0xBF, 0x19, 0x32, 0xA1, 0xF5, 0xDC, 0x03, 0xE6, 0x7C, 0x9A, 0x1F,
0x0C, 0x7C, 0xA9, 0xB0, 0x0E, 0x21, 0x37, 0x3B, 0xF1, 0xB0};
-uint8_t rsa_256_keydata[] = {
+static uint8_t rsa_256_keydata[] = {
0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A,
0x02, 0x82, 0x01, 0x01, 0x00, 0xDB, 0x1C, 0x7F, 0x2E, 0x0B, 0xCD, 0xBF, 0xCE, 0xD1,
@@ -151,7 +151,7 @@
0x0F, 0x71, 0x2D, 0xD2, 0x08, 0x10, 0x1B, 0xAD, 0x44, 0x41, 0xE0, 0xFE, 0x79, 0xA0,
0x63, 0x93, 0x8A, 0xB1, 0x5D, 0xE9, 0xB0, 0xEE, 0x6F, 0x02, 0x03, 0x01, 0x00, 0x01};
-uint8_t ec_keydata[] = {
+static uint8_t ec_keydata[] = {
0x30, 0x49, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06,
0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x01, 0x03, 0x32, 0x00, 0x04, 0xBC,
0x79, 0x7D, 0xB3, 0xAE, 0x7F, 0x08, 0xEC, 0x3D, 0x49, 0x6B, 0x4F, 0xB4, 0x11, 0xB3,
@@ -159,7 +159,7 @@
0xEC, 0x8B, 0x1A, 0x7B, 0xF2, 0x4B, 0xE9, 0x29, 0x51, 0xCC, 0x5B, 0xA1, 0xBE, 0xBB,
0x24, 0x74, 0x90, 0x9A, 0xE0};
-uint8_t ec_keypair[] = {
+static uint8_t ec_keypair[] = {
0x30, 0x5F, 0x02, 0x01, 0x01, 0x04, 0x18, 0x33, 0x8E, 0x86, 0xA8, 0x81, 0xE2, 0x38,
0xF5, 0x49, 0xBD, 0x6F, 0x05, 0x53, 0x49, 0x4B, 0x73, 0xE3, 0xD6, 0x11, 0x30, 0xFD,
0xC6, 0xC9, 0x6D, 0xA0, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01,
@@ -168,18 +168,18 @@
0xB7, 0x76, 0xC6, 0x74, 0xF7, 0xC6, 0xF3, 0x54, 0xB7, 0xD2, 0x24, 0x06, 0x2C, 0x1F,
0x68, 0x54, 0xB5, 0xA7, 0xAF, 0x0F, 0xE5, 0x78, 0xEA, 0xF2, 0x58, 0xF0, 0x27};
-test_data check1[] = {
+static test_data check1[] = {
{"Test psa_destroy_key 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
},
{"Test psa_destroy_key 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9},
- AES_24B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ AES_24B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_SUCCESS
},
@@ -187,7 +187,7 @@
{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
- AES_32B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ AES_32B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(AES_32B_KEY_SIZE), AES_32B_KEY_SIZE, PSA_SUCCESS
},
@@ -205,14 +205,14 @@
{"Test psa_destroy_key with DES 64 bit key\n", 6, PSA_KEY_TYPE_DES,
{0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
- DES_8B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ DES_8B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(DES_8B_KEY_SIZE), DES_8B_KEY_SIZE, PSA_SUCCESS
},
{"Test psa_destroy_key with Triple DES 2-Key\n", 7, PSA_KEY_TYPE_DES,
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
- DES3_2KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ DES3_2KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(DES3_2KEY_SIZE), DES3_2KEY_SIZE, PSA_SUCCESS
},
@@ -220,7 +220,7 @@
{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
- DES3_3KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ DES3_3KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(DES3_3KEY_SIZE), DES3_3KEY_SIZE, PSA_SUCCESS
},
@@ -240,22 +240,11 @@
};
-test_data check2[] = {
-{"Test psa_destroy_key with invalid key slot\n", INVALID_KEY_SLOT, PSA_KEY_TYPE_AES,
-{0},
-AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
-BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
-},
-
-{"Test psa_destroy_key with zero key slot\n", ZERO_KEY_SLOT, PSA_KEY_TYPE_AES,
-{0},
-AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
-BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
-},
-
-{"Test psa_destroy_key with empty key slot\n", EMPTY_KEY_SLOT, PSA_KEY_TYPE_AES,
-{0},
-AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
-BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
+static test_data check2[] = {
+{"Test psa_destroy_key negative case\n", 11, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
},
};
diff --git a/api-tests/dev_apis/crypto/test_c006/test_c006.c b/api-tests/dev_apis/crypto/test_c006/test_c006.c
index bc558a1..4a56734 100644
--- a/api-tests/dev_apis/crypto/test_c006/test_c006.c
+++ b/api-tests/dev_apis/crypto/test_c006/test_c006.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,14 +15,8 @@
* limitations under the License.
**/
-#ifdef NONSECURE_TEST_BUILD
#include "val_interfaces.h"
#include "val_target.h"
-#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
-#endif
-
#include "test_c006.h"
#include "test_data.h"
@@ -33,34 +27,36 @@
NULL,
};
-int g_test_count;
+static int g_test_count = 1;
int32_t psa_get_key_information_test(security_t caller)
{
- int32_t status = VAL_STATUS_SUCCESS;
- uint32_t i;
+ int32_t i, status;
uint8_t *key_data;
psa_key_policy_t policy;
psa_key_type_t key_type;
size_t bits;
int num_checks = sizeof(check1)/sizeof(check1[0]);
- g_test_count = 1;
-
/* Initialize the PSA crypto library*/
- if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
- {
- return VAL_STATUS_INIT_FAILED;
- }
-
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
/* Set the key data buffer to the input base on algorithm */
for (i = 0; i < num_checks; i++)
{
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
{
if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
@@ -95,46 +91,32 @@
/* Set the standard fields of a policy structure */
val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
check1[i].key_alg);
- val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
- val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_slot, &policy);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA set key policy failed\n", 0);
- return status;
- }
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle, &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_slot, check1[i].key_type,
- key_data, check1[i].key_length);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA import key failed\n", 0);
- return status;
- }
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
+ check1[i].key_type, key_data, check1[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
/* Get basic metadata about a key */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check1[i].key_slot,
- &key_type, &bits);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA get key information failed\n", 0);
- return status;
- }
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check1[i].key_handle,
+ &key_type, &bits);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
- if (key_type != check1[i].key_type)
- {
- val->print(PRINT_ERROR, "\tPSA mismatch key type\n", 0);
- return status;
- }
+ if (check1[i].expected_status != PSA_SUCCESS)
+ continue;
- if (bits != check1[i].expected_bit_length)
- {
- val->print(PRINT_ERROR, "\tStored key length mismatch\n", 0);
- return VAL_STATUS_INVALID_SIZE;
- }
+ TEST_ASSERT_EQUAL(key_type, check1[i].key_type, TEST_CHECKPOINT_NUM(7));
+
+ TEST_ASSERT_EQUAL(bits, check1[i].expected_bit_length, TEST_CHECKPOINT_NUM(8));
}
return VAL_STATUS_SUCCESS;
@@ -142,28 +124,57 @@
int32_t psa_get_key_information_invalid_test(security_t caller)
{
- int32_t status = VAL_STATUS_SUCCESS;
- int num_checks = sizeof(check2)/sizeof(check2[0]);
- uint32_t i;
+ int num_checks = sizeof(check2)/sizeof(check2[0]);
+ int32_t i, status;
/* Initialize the PSA crypto library*/
- if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
- {
- return VAL_STATUS_INIT_FAILED;
- }
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
for (i = 0; i < num_checks; i++)
{
- val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
- val->print(PRINT_TEST, check2[i].test_desc, 0);
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check2[i].key_slot,
- &check2[i].key_type, &check2[i].key_length);
- if (status != check2[i].expected_status)
- {
- val->print(PRINT_ERROR, "\tPSA get key info should have failed but succeeded\n", 0);
- return VAL_STATUS_ERROR;
- }
+ val->print(PRINT_TEST, "[Check %d] Test psa_get_key_information with unallocated"
+ " key handle\n", g_test_count++);
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Get basic metadata about a key */
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check2[i].key_handle,
+ &check2[i].key_type, &check2[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_get_key_information with zero as"
+ " key handle\n", g_test_count++);
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, 0,
+ &check2[i].key_type, &check2[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_get_key_information with empty key handle\n",
+ g_test_count++);
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check2[i].key_type,
+ check2[i].key_length, &check2[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Get basic metadata about a key */
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check2[i].key_handle,
+ &check2[i].key_type, &check2[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_EMPTY_SLOT, TEST_CHECKPOINT_NUM(6));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_get_key_information with destroyed"
+ " key handle\n", g_test_count++);
+ /* Destroy a key and restore the slot to its default state */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check2[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+
+ /* Get basic metadata about a key */
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check2[i].key_handle,
+ &check2[i].key_type, &check2[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(8));
}
+
return VAL_STATUS_SUCCESS;
}
diff --git a/api-tests/dev_apis/crypto/test_c006/test_c006.h b/api-tests/dev_apis/crypto/test_c006/test_c006.h
index 0e7a1e1..f8d834b 100644
--- a/api-tests/dev_apis/crypto/test_c006/test_c006.h
+++ b/api-tests/dev_apis/crypto/test_c006/test_c006.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,7 +18,6 @@
#define _TEST_C006_CLIENT_TESTS_H_
#include "val_crypto.h"
-
#define test_entry CONCAT(test_entry_,c006)
#define val CONCAT(val,test_entry)
#define psa CONCAT(psa,test_entry)
diff --git a/api-tests/dev_apis/crypto/test_c006/test_data.h b/api-tests/dev_apis/crypto/test_c006/test_data.h
index ae1ee8f..b06fa5b 100644
--- a/api-tests/dev_apis/crypto/test_c006/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c006/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -21,7 +21,7 @@
typedef struct {
char test_desc[75];
- psa_key_slot_t key_slot;
+ psa_key_handle_t key_handle;
psa_key_type_t key_type;
uint8_t key_data[34];
uint32_t key_length;
@@ -32,10 +32,10 @@
psa_status_t expected_status;
} test_data;
-uint8_t rsa_384_keypair[1];
-uint8_t rsa_384_keydata[1];
+static uint8_t rsa_384_keypair[1];
+static uint8_t rsa_384_keydata[1];
-uint8_t rsa_256_keypair[] = {
+static uint8_t rsa_256_keypair[] = {
0x30, 0x82, 0x04, 0xA5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC0,
0x95, 0x08, 0xE1, 0x57, 0x41, 0xF2, 0x71, 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27,
0x01, 0x65, 0xC6, 0x45, 0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, 0x2F,
@@ -129,7 +129,7 @@
0x5F, 0xA8, 0xBF, 0x19, 0x32, 0xA1, 0xF5, 0xDC, 0x03, 0xE6, 0x7C, 0x9A, 0x1F,
0x0C, 0x7C, 0xA9, 0xB0, 0x0E, 0x21, 0x37, 0x3B, 0xF1, 0xB0};
-uint8_t rsa_256_keydata[] = {
+static uint8_t rsa_256_keydata[] = {
0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A,
0x02, 0x82, 0x01, 0x01, 0x00, 0xDB, 0x1C, 0x7F, 0x2E, 0x0B, 0xCD, 0xBF, 0xCE, 0xD1,
@@ -152,7 +152,7 @@
0x0F, 0x71, 0x2D, 0xD2, 0x08, 0x10, 0x1B, 0xAD, 0x44, 0x41, 0xE0, 0xFE, 0x79, 0xA0,
0x63, 0x93, 0x8A, 0xB1, 0x5D, 0xE9, 0xB0, 0xEE, 0x6F, 0x02, 0x03, 0x01, 0x00, 0x01};
-uint8_t ec_keydata[] = {
+static uint8_t ec_keydata[] = {
0x30, 0x49, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06,
0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x01, 0x03, 0x32, 0x00, 0x04, 0xBC,
0x79, 0x7D, 0xB3, 0xAE, 0x7F, 0x08, 0xEC, 0x3D, 0x49, 0x6B, 0x4F, 0xB4, 0x11, 0xB3,
@@ -160,7 +160,7 @@
0xEC, 0x8B, 0x1A, 0x7B, 0xF2, 0x4B, 0xE9, 0x29, 0x51, 0xCC, 0x5B, 0xA1, 0xBE, 0xBB,
0x24, 0x74, 0x90, 0x9A, 0xE0};
-uint8_t ec_keypair[] = {
+static uint8_t ec_keypair[] = {
0x30, 0x5F, 0x02, 0x01, 0x01, 0x04, 0x18, 0x33, 0x8E, 0x86, 0xA8, 0x81, 0xE2, 0x38,
0xF5, 0x49, 0xBD, 0x6F, 0x05, 0x53, 0x49, 0x4B, 0x73, 0xE3, 0xD6, 0x11, 0x30, 0xFD,
0xC6, 0xC9, 0x6D, 0xA0, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01,
@@ -169,18 +169,18 @@
0xB7, 0x76, 0xC6, 0x74, 0xF7, 0xC6, 0xF3, 0x54, 0xB7, 0xD2, 0x24, 0x06, 0x2C, 0x1F,
0x68, 0x54, 0xB5, 0xA7, 0xAF, 0x0F, 0xE5, 0x78, 0xEA, 0xF2, 0x58, 0xF0, 0x27};
-test_data check1[] = {
+static test_data check1[] = {
{"Test psa_get_key_information 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
},
{"Test psa_get_key_information 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9},
- AES_24B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ AES_24B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_SUCCESS
},
@@ -188,7 +188,7 @@
{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
- AES_32B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ AES_32B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(AES_32B_KEY_SIZE), AES_32B_KEY_SIZE, PSA_SUCCESS
},
@@ -206,14 +206,14 @@
{"Test psa_get_key_information with DES 64 bit key\n", 6, PSA_KEY_TYPE_DES,
{0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
- DES_8B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ DES_8B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(DES_8B_KEY_SIZE), DES_8B_KEY_SIZE, PSA_SUCCESS
},
{"Test psa_get_key_information with Triple DES 2-Key\n", 7, PSA_KEY_TYPE_DES,
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
- DES3_2KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ DES3_2KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(DES3_2KEY_SIZE), DES3_2KEY_SIZE, PSA_SUCCESS
},
@@ -221,7 +221,7 @@
{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
- DES3_3KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ DES3_3KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(DES3_3KEY_SIZE), DES3_3KEY_SIZE, PSA_SUCCESS
},
@@ -240,23 +240,11 @@
},
};
-
-test_data check2[] = {
-{"Test psa_get_key_information with invalid key slot\n", INVALID_KEY_SLOT, PSA_KEY_TYPE_AES,
-{0},
-AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
-BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
-},
-
-{"Test psa_get_key_information with zero key slot\n", ZERO_KEY_SLOT, PSA_KEY_TYPE_AES,
-{0},
-AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
-BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
-},
-
-{"Test psa_get_key_information with empty key slot\n", EMPTY_KEY_SLOT, PSA_KEY_TYPE_AES,
-{0},
-AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
-BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_EMPTY_SLOT
+static test_data check2[] = {
+{"Test psa_get_key_information negative cases\n", 11, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
},
};
diff --git a/api-tests/dev_apis/crypto/test_c007/test_c007.c b/api-tests/dev_apis/crypto/test_c007/test_c007.c
index 2e59b1c..d92245a 100644
--- a/api-tests/dev_apis/crypto/test_c007/test_c007.c
+++ b/api-tests/dev_apis/crypto/test_c007/test_c007.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,14 +15,8 @@
* limitations under the License.
**/
-#ifdef NONSECURE_TEST_BUILD
#include "val_interfaces.h"
#include "val_target.h"
-#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
-#endif
-
#include "test_c007.h"
#include "test_data.h"
#include "val_crypto.h"
@@ -34,34 +28,35 @@
NULL,
};
-int g_test_count;
+static int g_test_count = 1;
int32_t psa_set_key_policy_test(security_t caller)
{
- int32_t status = VAL_STATUS_SUCCESS;
uint8_t *key_data;
psa_key_policy_t policy, expected_policy;
int num_checks = sizeof(check1)/sizeof(check1[0]);
- uint32_t i;
-
- g_test_count = 1;
+ int32_t i, status;
/* Initialize the PSA crypto library*/
- if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
- {
- return VAL_STATUS_INIT_FAILED;
- }
-
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
/* Set the key data buffer to the input base on algorithm */
for (i = 0; i < num_checks; i++)
{
+
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
{
if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
@@ -97,38 +92,33 @@
val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
check1[i].key_alg);
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
/* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_slot, &policy);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA set key policy failed\n", 0);
- return status;
- }
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle, &policy);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ continue;
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_slot, check1[i].key_type,
- key_data, check1[i].key_length);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA import key failed\n", 0);
- return status;
- }
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
+ check1[i].key_type, key_data, check1[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
/* Get the usage policy for a key slot */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_POLICY, check1[i].key_slot,
- &expected_policy);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA get key policy failed\n", 0);
- return status;
- }
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_POLICY, check1[i].key_handle,
+ &expected_policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
- if ((expected_policy.usage != check1[i].usage) ||
- (expected_policy.alg != check1[i].key_alg))
- {
- val->print(PRINT_ERROR, "\tPolicy data Mismatch\n", 0);
- return VAL_STATUS_DATA_MISMATCH;
- }
+ /* Check if the usage is same as programmed */
+ TEST_ASSERT_EQUAL(expected_policy.usage, check1[i].usage, TEST_CHECKPOINT_NUM(7));
+
+ /* Check if the algorithm is same as programmed */
+ TEST_ASSERT_EQUAL(expected_policy.alg, check1[i].key_alg, TEST_CHECKPOINT_NUM(8));
}
return VAL_STATUS_SUCCESS;
@@ -136,16 +126,13 @@
int32_t psa_set_key_policy_negative_test(security_t caller)
{
- int32_t status = VAL_STATUS_SUCCESS;
int num_checks = sizeof(check2)/sizeof(check2[0]);
- uint32_t i;
+ int32_t i, status;
psa_key_policy_t policy;
/* Initialize the PSA crypto library*/
- if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
- {
- return VAL_STATUS_INIT_FAILED;
- }
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
/* Initialize a key policy structure to a default that forbids all
* usage of the key
@@ -154,20 +141,49 @@
for (i = 0; i < num_checks; i++)
{
- val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
- val->print(PRINT_TEST, check2[i].test_desc, 0);
+ val->print(PRINT_TEST, "[Check %d] Test psa_set_key_policy with unallocated key handle\n",
+ g_test_count++);
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- /* Set the usage policy on a key slot */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
+ /* Set the usage policy on a key slot */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
check2[i].key_alg);
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle, &policy);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_slot, &policy);
- if (status != check2[i].expected_status)
- {
- val->print(PRINT_ERROR, "\tPSA set key policy should have failed but succeeded\n", 0);
- return VAL_STATUS_ERROR;
- }
+ val->print(PRINT_TEST, "[Check %d] Test psa_set_key_policy with zero as key handle\n",
+ g_test_count++);
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, 0, &policy);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
+
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Set the usage policy on a key slot */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
+ check2[i].key_alg);
+ val->print(PRINT_TEST, "[Check %d] Test psa_set_key_policy with already occupied handle\n",
+ g_test_count++);
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check2[i].key_type,
+ check2[i].key_length, &check2[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle, &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check2[i].key_handle,
+ check2[i].key_type, check2[i].key_data, check2[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle, &policy);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_OCCUPIED_SLOT, TEST_CHECKPOINT_NUM(8));
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c007/test_c007.h b/api-tests/dev_apis/crypto/test_c007/test_c007.h
index 0201852..ee5635f 100644
--- a/api-tests/dev_apis/crypto/test_c007/test_c007.h
+++ b/api-tests/dev_apis/crypto/test_c007/test_c007.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,7 +18,6 @@
#define _TEST_C007_CLIENT_TESTS_H_
#include "val_crypto.h"
-
#define test_entry CONCAT(test_entry_,c007)
#define val CONCAT(val,test_entry)
#define psa CONCAT(psa,test_entry)
diff --git a/api-tests/dev_apis/crypto/test_c007/test_data.h b/api-tests/dev_apis/crypto/test_c007/test_data.h
index c540109..a1216dd 100644
--- a/api-tests/dev_apis/crypto/test_c007/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c007/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -19,7 +19,7 @@
typedef struct {
char test_desc[75];
- psa_key_slot_t key_slot;
+ psa_key_handle_t key_handle;
psa_key_type_t key_type;
uint8_t key_data[34];
uint32_t key_length;
@@ -30,10 +30,10 @@
psa_status_t expected_status;
} test_data;
-uint8_t rsa_384_keypair[1];
-uint8_t rsa_384_keydata[1];
+static uint8_t rsa_384_keypair[1];
+static uint8_t rsa_384_keydata[1];
-uint8_t rsa_256_keypair[] = {
+static uint8_t rsa_256_keypair[] = {
0x30, 0x82, 0x04, 0xA5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC0,
0x95, 0x08, 0xE1, 0x57, 0x41, 0xF2, 0x71, 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27,
0x01, 0x65, 0xC6, 0x45, 0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, 0x2F,
@@ -127,7 +127,7 @@
0x5F, 0xA8, 0xBF, 0x19, 0x32, 0xA1, 0xF5, 0xDC, 0x03, 0xE6, 0x7C, 0x9A, 0x1F,
0x0C, 0x7C, 0xA9, 0xB0, 0x0E, 0x21, 0x37, 0x3B, 0xF1, 0xB0};
-uint8_t rsa_256_keydata[] = {
+static uint8_t rsa_256_keydata[] = {
0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A,
0x02, 0x82, 0x01, 0x01, 0x00, 0xDB, 0x1C, 0x7F, 0x2E, 0x0B, 0xCD, 0xBF, 0xCE, 0xD1,
@@ -150,7 +150,7 @@
0x0F, 0x71, 0x2D, 0xD2, 0x08, 0x10, 0x1B, 0xAD, 0x44, 0x41, 0xE0, 0xFE, 0x79, 0xA0,
0x63, 0x93, 0x8A, 0xB1, 0x5D, 0xE9, 0xB0, 0xEE, 0x6F, 0x02, 0x03, 0x01, 0x00, 0x01};
-uint8_t ec_keydata[] = {
+static uint8_t ec_keydata[] = {
0x30, 0x49, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06,
0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x01, 0x03, 0x32, 0x00, 0x04, 0xBC,
0x79, 0x7D, 0xB3, 0xAE, 0x7F, 0x08, 0xEC, 0x3D, 0x49, 0x6B, 0x4F, 0xB4, 0x11, 0xB3,
@@ -158,7 +158,7 @@
0xEC, 0x8B, 0x1A, 0x7B, 0xF2, 0x4B, 0xE9, 0x29, 0x51, 0xCC, 0x5B, 0xA1, 0xBE, 0xBB,
0x24, 0x74, 0x90, 0x9A, 0xE0};
-uint8_t ec_keypair[] = {
+static uint8_t ec_keypair[] = {
0x30, 0x5F, 0x02, 0x01, 0x01, 0x04, 0x18, 0x33, 0x8E, 0x86, 0xA8, 0x81, 0xE2, 0x38,
0xF5, 0x49, 0xBD, 0x6F, 0x05, 0x53, 0x49, 0x4B, 0x73, 0xE3, 0xD6, 0x11, 0x30, 0xFD,
0xC6, 0xC9, 0x6D, 0xA0, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01,
@@ -167,18 +167,18 @@
0xB7, 0x76, 0xC6, 0x74, 0xF7, 0xC6, 0xF3, 0x54, 0xB7, 0xD2, 0x24, 0x06, 0x2C, 0x1F,
0x68, 0x54, 0xB5, 0xA7, 0xAF, 0x0F, 0xE5, 0x78, 0xEA, 0xF2, 0x58, 0xF0, 0x27};
-test_data check1[] = {
+static test_data check1[] = {
{"Test psa_set_key_policy 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
},
{"Test psa_set_key_policy 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9},
- AES_24B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ AES_24B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR,
BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_SUCCESS
},
@@ -186,7 +186,7 @@
{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
- AES_32B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ AES_32B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_CTR,
BYTES_TO_BITS(AES_32B_KEY_SIZE), AES_32B_KEY_SIZE, PSA_SUCCESS
},
@@ -204,14 +204,14 @@
{"Test psa_set_key_policy with DES 64 bit key\n", 6, PSA_KEY_TYPE_DES,
{0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
- DES_8B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ DES_8B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(DES_8B_KEY_SIZE), DES_8B_KEY_SIZE, PSA_SUCCESS
},
{"Test psa_set_key_policy with Triple DES 2-Key\n", 7, PSA_KEY_TYPE_DES,
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
- DES3_2KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ DES3_2KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(DES3_2KEY_SIZE), DES3_2KEY_SIZE, PSA_SUCCESS
},
@@ -219,7 +219,7 @@
{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
- DES3_3KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ DES3_3KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(DES3_3KEY_SIZE), DES3_3KEY_SIZE, PSA_SUCCESS
},
@@ -236,35 +236,22 @@
97, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
192, 97, PSA_SUCCESS
},
-};
-
-
-test_data check2[] = {
-{"Test psa_set_key_policy with already occupied key slot\n", 1, PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
-AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
-BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_OCCUPIED_SLOT
-},
-
-{"Test psa_set_key_policy with invalid key slot\n", INVALID_KEY_SLOT, PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
-AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
-BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
-},
-
-{"Test psa_set_key_policy with zero key slot\n", ZERO_KEY_SLOT, PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
-AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
-BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
-},
{"Test psa_set_key_policy with invalid usage\n", 13, PSA_KEY_TYPE_AES,
{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
0x5F, 0xC9},
-AES_16B_KEY_SIZE, PSA_KEY_USAGE_INVALID, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+AES_16B_KEY_SIZE, PSA_KEY_USAGE_INVALID, PSA_ALG_CTR,
BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
},
};
+
+
+static test_data check2[] = {
+{"Test psa_set_key_policy negative case\n", 11, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_OCCUPIED_SLOT
+},
+
+};
diff --git a/api-tests/dev_apis/crypto/test_c008/test_c008.c b/api-tests/dev_apis/crypto/test_c008/test_c008.c
index 247a826..f51d771 100644
--- a/api-tests/dev_apis/crypto/test_c008/test_c008.c
+++ b/api-tests/dev_apis/crypto/test_c008/test_c008.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,14 +15,8 @@
* limitations under the License.
**/
-#ifdef NONSECURE_TEST_BUILD
#include "val_interfaces.h"
#include "val_target.h"
-#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
-#endif
-
#include "test_c008.h"
#include "test_data.h"
#include "val_crypto.h"
@@ -34,36 +28,36 @@
NULL,
};
-int g_test_count;
+static int g_test_count = 1;
int32_t psa_get_key_policy_test(security_t caller)
{
- int32_t status = VAL_STATUS_SUCCESS;
uint8_t *key_data;
psa_key_policy_t policy, expected_policy;
psa_key_usage_t expected_usage;
psa_algorithm_t expected_alg;
int num_checks = sizeof(check1)/sizeof(check1[0]);
- uint32_t i;
-
- g_test_count = 1;
+ int32_t i, status;
/* Initialize the PSA crypto library*/
- if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
- {
- return VAL_STATUS_INIT_FAILED;
- }
-
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
/* Set the key data buffer to the input base on algorithm */
for (i = 0; i < num_checks; i++)
{
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
{
if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
@@ -99,38 +93,30 @@
val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
check1[i].key_alg);
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
/* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_slot, &policy);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA set key policy failed\n", 0);
- return status;
- }
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle, &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_slot, check1[i].key_type,
- key_data, check1[i].key_length);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA import key failed\n", 0);
- return status;
- }
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
+ check1[i].key_type, key_data, check1[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
/* Get the usage policy for a key slot */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_POLICY, check1[i].key_slot,
- &expected_policy);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA get key policy failed\n", 0);
- return status;
- }
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_POLICY, check1[i].key_handle,
+ &expected_policy);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
- if ((expected_policy.usage != check1[i].usage) ||
- (expected_policy.alg != check1[i].key_alg))
- {
- val->print(PRINT_ERROR, "\tPolicy data Mismatch\n", 0);
- return VAL_STATUS_DATA_MISMATCH;
- }
+ if (check1[i].expected_status != PSA_SUCCESS)
+ continue;
+
+ TEST_ASSERT_EQUAL(expected_policy.usage, check1[i].usage, TEST_CHECKPOINT_NUM(7));
+ TEST_ASSERT_EQUAL(expected_policy.alg, check1[i].key_alg, TEST_CHECKPOINT_NUM(8));
/* Retrieve the usage field of a policy structure */
val->crypto_function(VAL_CRYPTO_KEY_POLICY_GET_USAGE, &policy, &expected_usage);
@@ -138,13 +124,8 @@
/* Retrieve the algorithm field of a policy structure */
val->crypto_function(VAL_CRYPTO_KEY_POLICY_GET_ALGORITHM, &policy, &expected_alg);
- if ((expected_usage != check1[i].usage) ||
- (expected_alg != check1[i].key_alg))
- {
- val->print(PRINT_ERROR, "\tPolicy data Mismatch\n", 0);
- return VAL_STATUS_DATA_MISMATCH;
- }
-
+ TEST_ASSERT_EQUAL(expected_usage, check1[i].usage, TEST_CHECKPOINT_NUM(9));
+ TEST_ASSERT_EQUAL(expected_alg, check1[i].key_alg, TEST_CHECKPOINT_NUM(10));
}
return VAL_STATUS_SUCCESS;
@@ -152,16 +133,13 @@
int32_t psa_get_key_policy_negative_test(security_t caller)
{
- int32_t status = VAL_STATUS_SUCCESS;
int num_checks = sizeof(check2)/sizeof(check2[0]);
- uint32_t i;
+ int32_t i, status;
psa_key_policy_t policy;
/* Initialize the PSA crypto library*/
- if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
- {
- return VAL_STATUS_INIT_FAILED;
- }
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
/* Initialize a key policy structure to a default that forbids all
* usage of the key
@@ -173,13 +151,32 @@
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check2[i].test_desc, 0);
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_get_key_policy with unallocated key handle\n",
+ g_test_count++);
/* Get the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_POLICY, check2[i].key_slot, &policy);
- if (status != check2[i].expected_status)
- {
- val->print(PRINT_ERROR, "\tPSA get key policy should have failed but succeeded\n", 0);
- return VAL_STATUS_ERROR;
- }
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_POLICY, check2[i].key_handle, &policy);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_get_key_policy with zero as key handle\n",
+ g_test_count++);
+ /* Get the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_POLICY, 0, &policy);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_get_key_policy with empty key handle\n",
+ g_test_count++);
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check2[i].key_type,
+ check2[i].key_length, &check2[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Get the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_POLICY, check2[i].key_handle, &policy);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_EMPTY_SLOT, TEST_CHECKPOINT_NUM(5));
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c008/test_c008.h b/api-tests/dev_apis/crypto/test_c008/test_c008.h
index b60cdfd..a67628d 100644
--- a/api-tests/dev_apis/crypto/test_c008/test_c008.h
+++ b/api-tests/dev_apis/crypto/test_c008/test_c008.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,7 +18,6 @@
#define _TEST_C008_CLIENT_TESTS_H_
#include "val_crypto.h"
-
#define test_entry CONCAT(test_entry_,c008)
#define val CONCAT(val,test_entry)
#define psa CONCAT(psa,test_entry)
diff --git a/api-tests/dev_apis/crypto/test_c008/test_data.h b/api-tests/dev_apis/crypto/test_c008/test_data.h
index eeec029..d2a6406 100644
--- a/api-tests/dev_apis/crypto/test_c008/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c008/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -19,7 +19,7 @@
typedef struct {
char test_desc[75];
- psa_key_slot_t key_slot;
+ psa_key_handle_t key_handle;
psa_key_type_t key_type;
uint8_t key_data[34];
uint32_t key_length;
@@ -30,10 +30,10 @@
psa_status_t expected_status;
} test_data;
-uint8_t rsa_384_keypair[1];
-uint8_t rsa_384_keydata[1];
+static uint8_t rsa_384_keypair[1];
+static uint8_t rsa_384_keydata[1];
-uint8_t rsa_256_keypair[] = {
+static uint8_t rsa_256_keypair[] = {
0x30, 0x82, 0x04, 0xA5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC0,
0x95, 0x08, 0xE1, 0x57, 0x41, 0xF2, 0x71, 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27,
0x01, 0x65, 0xC6, 0x45, 0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, 0x2F,
@@ -127,7 +127,7 @@
0x5F, 0xA8, 0xBF, 0x19, 0x32, 0xA1, 0xF5, 0xDC, 0x03, 0xE6, 0x7C, 0x9A, 0x1F,
0x0C, 0x7C, 0xA9, 0xB0, 0x0E, 0x21, 0x37, 0x3B, 0xF1, 0xB0};
-uint8_t rsa_256_keydata[] = {
+static uint8_t rsa_256_keydata[] = {
0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A,
0x02, 0x82, 0x01, 0x01, 0x00, 0xDB, 0x1C, 0x7F, 0x2E, 0x0B, 0xCD, 0xBF, 0xCE, 0xD1,
@@ -150,7 +150,7 @@
0x0F, 0x71, 0x2D, 0xD2, 0x08, 0x10, 0x1B, 0xAD, 0x44, 0x41, 0xE0, 0xFE, 0x79, 0xA0,
0x63, 0x93, 0x8A, 0xB1, 0x5D, 0xE9, 0xB0, 0xEE, 0x6F, 0x02, 0x03, 0x01, 0x00, 0x01};
-uint8_t ec_keydata[] = {
+static uint8_t ec_keydata[] = {
0x30, 0x49, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06,
0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x01, 0x03, 0x32, 0x00, 0x04, 0xBC,
0x79, 0x7D, 0xB3, 0xAE, 0x7F, 0x08, 0xEC, 0x3D, 0x49, 0x6B, 0x4F, 0xB4, 0x11, 0xB3,
@@ -158,7 +158,7 @@
0xEC, 0x8B, 0x1A, 0x7B, 0xF2, 0x4B, 0xE9, 0x29, 0x51, 0xCC, 0x5B, 0xA1, 0xBE, 0xBB,
0x24, 0x74, 0x90, 0x9A, 0xE0};
-uint8_t ec_keypair[] = {
+static uint8_t ec_keypair[] = {
0x30, 0x5F, 0x02, 0x01, 0x01, 0x04, 0x18, 0x33, 0x8E, 0x86, 0xA8, 0x81, 0xE2, 0x38,
0xF5, 0x49, 0xBD, 0x6F, 0x05, 0x53, 0x49, 0x4B, 0x73, 0xE3, 0xD6, 0x11, 0x30, 0xFD,
0xC6, 0xC9, 0x6D, 0xA0, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01,
@@ -167,18 +167,18 @@
0xB7, 0x76, 0xC6, 0x74, 0xF7, 0xC6, 0xF3, 0x54, 0xB7, 0xD2, 0x24, 0x06, 0x2C, 0x1F,
0x68, 0x54, 0xB5, 0xA7, 0xAF, 0x0F, 0xE5, 0x78, 0xEA, 0xF2, 0x58, 0xF0, 0x27};
-test_data check1[] = {
+static test_data check1[] = {
{"Test psa_get_key_policy 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
},
{"Test psa_get_key_policy 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9},
- AES_24B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ AES_24B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR,
BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_SUCCESS
},
@@ -186,7 +186,7 @@
{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
- AES_32B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ AES_32B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_CTR,
BYTES_TO_BITS(AES_32B_KEY_SIZE), AES_32B_KEY_SIZE, PSA_SUCCESS
},
@@ -204,14 +204,14 @@
{"Test psa_get_key_policy with DES 64 bit key\n", 6, PSA_KEY_TYPE_DES,
{0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
- DES_8B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ DES_8B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(DES_8B_KEY_SIZE), DES_8B_KEY_SIZE, PSA_SUCCESS
},
{"Test psa_get_key_policy with Triple DES 2-Key\n", 7, PSA_KEY_TYPE_DES,
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
- DES3_2KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ DES3_2KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(DES3_2KEY_SIZE), DES3_2KEY_SIZE, PSA_SUCCESS
},
@@ -219,7 +219,7 @@
{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
- DES3_3KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ DES3_3KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
BYTES_TO_BITS(DES3_3KEY_SIZE), DES3_3KEY_SIZE, PSA_SUCCESS
},
@@ -238,19 +238,11 @@
},
};
-
-test_data check2[] = {
-{"Test psa_get_key_policy with invalid key slot\n", INVALID_KEY_SLOT, PSA_KEY_TYPE_AES,
+static test_data check2[] = {
+{"Test psa_get_key_policy negative cases\n", 11, PSA_KEY_TYPE_AES,
{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
0x5F, 0xC9},
-AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
-BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
-},
-
-{"Test psa_get_key_policy with zero key slot\n", ZERO_KEY_SLOT, PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
-AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
-BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
},
};
diff --git a/api-tests/dev_apis/crypto/test_c009/test_c009.c b/api-tests/dev_apis/crypto/test_c009/test_c009.c
index 18297ad..fd78295 100644
--- a/api-tests/dev_apis/crypto/test_c009/test_c009.c
+++ b/api-tests/dev_apis/crypto/test_c009/test_c009.c
@@ -15,262 +15,75 @@
* limitations under the License.
**/
-#ifdef NONSECURE_TEST_BUILD
#include "val_interfaces.h"
#include "val_target.h"
-#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
-#endif
-
#include "test_c009.h"
#include "test_data.h"
#include "val_crypto.h"
+#define MAX_KEYS 100
+
client_test_t test_c009_crypto_list[] = {
NULL,
- psa_set_key_lifetime_test,
- psa_set_key_lifetime_negative_test,
+ psa_allocate_key_test,
+ psa_allocate_key_negative_test,
NULL,
};
-int g_test_count;
+static int g_test_count = 1;
-int32_t psa_set_key_lifetime_test(security_t caller)
+int32_t psa_allocate_key_test(security_t caller)
{
- int32_t status = VAL_STATUS_SUCCESS;
- uint8_t *key_data, data[BUFFER_SIZE];
- psa_key_policy_t policy;
- int num_checks = sizeof(check1)/sizeof(check1[0]);
- uint32_t i, j, length;
- boot_state_t boot_state;
-
- g_test_count = 1;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
/* Initialize the PSA crypto library*/
- if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ /* Set the key data buffer to the input base on algorithm */
+ for (i = 0; i < num_checks; i++)
{
- return VAL_STATUS_INIT_FAILED;
- }
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
- status = val->get_boot_flag(&boot_state);
- if (status != VAL_STATUS_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tGet boot flag failed\n", 0);
- return status;
- }
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(3));
- if (boot_state == BOOT_NOT_EXPECTED)
- {
- /* Set the key data buffer to the input base on algorithm */
- for (i = 0; i < num_checks; i++)
- {
- val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
- val->print(PRINT_TEST, check1[i].test_desc, 0);
- if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
- {
- if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
- {
- if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
- key_data = rsa_384_keypair;
- else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
- key_data = rsa_256_keypair;
- else
- return VAL_STATUS_INVALID;
- }
- else
- {
- if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
- key_data = rsa_384_keydata;
- else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
- key_data = rsa_256_keydata;
- else
- return VAL_STATUS_INVALID;
- }
- }
- else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
- {
- if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
- key_data = ec_keypair;
- else
- key_data = ec_keydata;
- }
- else
- key_data = check1[i].key_data;
-
- /* Set the standard fields of a policy structure */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
- check1[i].key_alg);
-
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_slot, &policy);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA set key policy failed\n", 0);
- return status;
- }
-
- /* Change the lifetime of a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_LIFETIME, check1[i].key_slot,
- check1[i].lifetime);
- if (status != check1[i].expected_status)
- {
- val->print(PRINT_ERROR, "\tPSA set key lifetime failed\n", 0);
- return status;
- }
-
- /* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_slot,
- check1[i].key_type, key_data, check1[i].key_length);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA import key failed\n", 0);
- return status;
- }
-
- }
-
- status = val->set_boot_flag(BOOT_EXPECTED_CRYPTO);
- if (status != VAL_STATUS_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tSet boot flag failed\n", 0);
- return status;
- }
-
- /*Waiting here for watchdog expiry */
- while (1);
- }
- else if (boot_state == BOOT_EXPECTED_CRYPTO)
- {
- for (i = 0; i < num_checks; i++)
- {
- val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
- val->print(PRINT_TEST, check1[i].test_desc, 0);
- if (check1[i].lifetime == PSA_KEY_LIFETIME_VOLATILE)
- continue;
-
- /* Set the key data buffer to the input base on algorithm */
- if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
- {
- if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
- {
- if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
- key_data = rsa_384_keypair;
- else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
- key_data = rsa_256_keypair;
- else
- return VAL_STATUS_INVALID;
- }
- else
- {
- if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
- key_data = rsa_384_keydata;
- else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
- key_data = rsa_256_keydata;
- else
- return VAL_STATUS_INVALID;
- }
- }
- else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
- {
- if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
- key_data = ec_keypair;
- else
- key_data = ec_keydata;
- }
- else
- key_data = check1[i].key_data;
-
- /* Export a key in binary format */
- status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, check1[i].key_slot, data,
- BUFFER_SIZE, &length);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA export key failed\n", 0);
- return status;
- }
-
- if (length != check1[i].expected_key_length)
- {
- val->print(PRINT_ERROR, "\tKey length mismatch\n", 0);
- return VAL_STATUS_INVALID_SIZE;
- }
-
- /* Check if original key data matches with the exported data */
- if (val->crypto_key_type_is_raw(check1[i].key_type))
- {
- for (j = 0; j < length; j++)
- {
- if (check1[i].key_data[j] != data[j])
- {
- val->print(PRINT_ERROR, "\tKey data mismatch\n", 0);
- return VAL_STATUS_DATA_MISMATCH;
- }
- }
- }
- else if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
- {
- for (j = 0; j < length; j++)
- {
- if (key_data[j] != data[j])
- {
- val->print(PRINT_ERROR, "\tKey data mismatch\n", 0);
- return VAL_STATUS_DATA_MISMATCH;
- }
- }
- }
- else
- {
- return VAL_STATUS_INVALID;
- }
- }
- }
- else
- {
- val->print(PRINT_ERROR, "\tInvalid boot state\n", 0);
- return VAL_STATUS_INVALID;
}
return VAL_STATUS_SUCCESS;
}
-int32_t psa_set_key_lifetime_negative_test(security_t caller)
+int32_t psa_allocate_key_negative_test(security_t caller)
{
- int32_t status = VAL_STATUS_SUCCESS;
- int num_checks = sizeof(check2)/sizeof(check2[0]);
- uint32_t i;
- psa_key_policy_t policy;
+ int32_t i, status;
+ psa_key_handle_t key_handle[MAX_KEYS];
+ psa_key_type_t key_type = PSA_KEY_TYPE_AES;
+ size_t key_length = BUFFER_SIZE;
/* Initialize the PSA crypto library*/
- if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ val->print(PRINT_TEST, "[Check %d] Testing the insufficient memory\n", g_test_count++);
+
+ for (i = 0; i < MAX_KEYS; i++)
{
- return VAL_STATUS_INIT_FAILED;
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, key_type,
+ key_length, &key_handle[i]);
+ if (status != PSA_SUCCESS)
+ break;
}
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INSUFFICIENT_MEMORY, TEST_CHECKPOINT_NUM(2));
- for (i = 0; i < num_checks; i++)
- {
- val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
- val->print(PRINT_TEST, check2[i].test_desc, 0);
-
- /* Change the lifetime of a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_LIFETIME, check2[i].key_slot,
- check2[i].lifetime);
- if (status != check2[i].expected_status)
- {
- val->print(PRINT_ERROR, "\tPSA set key lifetime failed\n", 0);
- return VAL_STATUS_INVALID;
- }
- }
-
- return VAL_STATUS_SUCCESS;
+ return VAL_STATUS_SUCCESS;
}
diff --git a/api-tests/dev_apis/crypto/test_c009/test_c009.h b/api-tests/dev_apis/crypto/test_c009/test_c009.h
index 156282c..f5e758b 100644
--- a/api-tests/dev_apis/crypto/test_c009/test_c009.h
+++ b/api-tests/dev_apis/crypto/test_c009/test_c009.h
@@ -18,7 +18,6 @@
#define _TEST_C009_CLIENT_TESTS_H_
#include "val_crypto.h"
-
#define test_entry CONCAT(test_entry_,c009)
#define val CONCAT(val,test_entry)
#define psa CONCAT(psa,test_entry)
@@ -27,6 +26,6 @@
extern psa_api_t *psa;
extern client_test_t test_c009_crypto_list[];
-int32_t psa_set_key_lifetime_test(security_t caller);
-int32_t psa_set_key_lifetime_negative_test(security_t caller);
+int32_t psa_allocate_key_test(security_t caller);
+int32_t psa_allocate_key_negative_test(security_t caller);
#endif /* _TEST_C009_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c009/test_data.h b/api-tests/dev_apis/crypto/test_c009/test_data.h
index 6de98e4..203699f 100644
--- a/api-tests/dev_apis/crypto/test_c009/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c009/test_data.h
@@ -19,266 +19,50 @@
typedef struct {
char test_desc[75];
- psa_key_slot_t key_slot;
+ psa_key_handle_t key_handle;
psa_key_type_t key_type;
- uint8_t key_data[34];
- uint32_t key_length;
- psa_key_usage_t usage;
- psa_algorithm_t key_alg;
- psa_key_lifetime_t lifetime;
- uint32_t expected_bit_length;
- uint32_t expected_key_length;
+ size_t key_length;
psa_status_t expected_status;
} test_data;
-uint8_t rsa_384_keypair[1];
-uint8_t rsa_384_keydata[1];
-
-uint8_t rsa_256_keypair[] = {
- 0x30, 0x82, 0x04, 0xA5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC0,
- 0x95, 0x08, 0xE1, 0x57, 0x41, 0xF2, 0x71, 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27,
- 0x01, 0x65, 0xC6, 0x45, 0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, 0x2F,
- 0x4E, 0xD6, 0xF6, 0x1C, 0x88, 0xBC, 0x7C, 0x9F, 0xFB, 0xA8, 0x67, 0x7F, 0xFE,
- 0x5C, 0x9C, 0x51, 0x75, 0xF7, 0x8A, 0xCA, 0x07, 0xE7, 0x35, 0x2F, 0x8F, 0xE1,
- 0xBD, 0x7B, 0xC0, 0x2F, 0x7C, 0xAB, 0x64, 0xA8, 0x17, 0xFC, 0xCA, 0x5D, 0x7B,
- 0xBA, 0xE0, 0x21, 0xE5, 0x72, 0x2E, 0x6F, 0x2E, 0x86, 0xD8, 0x95, 0x73, 0xDA,
- 0xAC, 0x1B, 0x53, 0xB9, 0x5F, 0x3F, 0xD7, 0x19, 0x0D, 0x25, 0x4F, 0xE1, 0x63,
- 0x63, 0x51, 0x8B, 0x0B, 0x64, 0x3F, 0xAD, 0x43, 0xB8, 0xA5, 0x1C, 0x5C, 0x34,
- 0xB3, 0xAE, 0x00, 0xA0, 0x63, 0xC5, 0xF6, 0x7F, 0x0B, 0x59, 0x68, 0x78, 0x73,
- 0xA6, 0x8C, 0x18, 0xA9, 0x02, 0x6D, 0xAF, 0xC3, 0x19, 0x01, 0x2E, 0xB8, 0x10,
- 0xE3, 0xC6, 0xCC, 0x40, 0xB4, 0x69, 0xA3, 0x46, 0x33, 0x69, 0x87, 0x6E, 0xC4,
- 0xBB, 0x17, 0xA6, 0xF3, 0xE8, 0xDD, 0xAD, 0x73, 0xBC, 0x7B, 0x2F, 0x21, 0xB5,
- 0xFD, 0x66, 0x51, 0x0C, 0xBD, 0x54, 0xB3, 0xE1, 0x6D, 0x5F, 0x1C, 0xBC, 0x23,
- 0x73, 0xD1, 0x09, 0x03, 0x89, 0x14, 0xD2, 0x10, 0xB9, 0x64, 0xC3, 0x2A, 0xD0,
- 0xA1, 0x96, 0x4A, 0xBC, 0xE1, 0xD4, 0x1A, 0x5B, 0xC7, 0xA0, 0xC0, 0xC1, 0x63,
- 0x78, 0x0F, 0x44, 0x37, 0x30, 0x32, 0x96, 0x80, 0x32, 0x23, 0x95, 0xA1, 0x77,
- 0xBA, 0x13, 0xD2, 0x97, 0x73, 0xE2, 0x5D, 0x25, 0xC9, 0x6A, 0x0D, 0xC3, 0x39,
- 0x60, 0xA4, 0xB4, 0xB0, 0x69, 0x42, 0x42, 0x09, 0xE9, 0xD8, 0x08, 0xBC, 0x33,
- 0x20, 0xB3, 0x58, 0x22, 0xA7, 0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61, 0x83, 0xC5,
- 0xD2, 0x96, 0xDF, 0xD9, 0xD0, 0x4F, 0xAD, 0xD7, 0x02, 0x03, 0x01, 0x00, 0x01,
- 0x02, 0x82, 0x01, 0x01, 0x00, 0x9A, 0xD0, 0x34, 0x0F, 0x52, 0x62, 0x05, 0x50,
- 0x01, 0xEF, 0x9F, 0xED, 0x64, 0x6E, 0xC2, 0xC4, 0xDA, 0x1A, 0xF2, 0x84, 0xD7,
- 0x92, 0x10, 0x48, 0x92, 0xC4, 0xE9, 0x6A, 0xEB, 0x8B, 0x75, 0x6C, 0xC6, 0x79,
- 0x38, 0xF2, 0xC9, 0x72, 0x4A, 0x86, 0x64, 0x54, 0x95, 0x77, 0xCB, 0xC3, 0x9A,
- 0x9D, 0xB7, 0xD4, 0x1D, 0xA4, 0x00, 0xC8, 0x9E, 0x4E, 0xE4, 0xDD, 0xC7, 0xBA,
- 0x67, 0x16, 0xC1, 0x74, 0xBC, 0xA9, 0xD6, 0x94, 0x8F, 0x2B, 0x30, 0x1A, 0xFB,
- 0xED, 0xDF, 0x21, 0x05, 0x23, 0xD9, 0x4A, 0x39, 0xBD, 0x98, 0x6B, 0x65, 0x9A,
- 0xB8, 0xDC, 0xC4, 0x7D, 0xEE, 0xA6, 0x43, 0x15, 0x2E, 0x3D, 0xBE, 0x1D, 0x22,
- 0x60, 0x2A, 0x73, 0x30, 0xD5, 0x3E, 0xD8, 0xA2, 0xAC, 0x86, 0x43, 0x2E, 0xC4,
- 0xF5, 0x64, 0x5E, 0x3F, 0x89, 0x75, 0x0F, 0x11, 0xD8, 0x51, 0x25, 0x4E, 0x9F,
- 0xD8, 0xAA, 0xA3, 0xCE, 0x60, 0xB3, 0xE2, 0x8A, 0xD9, 0x7E, 0x1B, 0xF0, 0x64,
- 0xCA, 0x9A, 0x5B, 0x05, 0x0B, 0x5B, 0xAA, 0xCB, 0xE5, 0xE3, 0x3F, 0x6E, 0x32,
- 0x22, 0x05, 0xF3, 0xD0, 0xFA, 0xEF, 0x74, 0x52, 0x81, 0xE2, 0x5F, 0x74, 0xD3,
- 0xBD, 0xFF, 0x31, 0x83, 0x45, 0x75, 0xFA, 0x63, 0x7A, 0x97, 0x2E, 0xD6, 0xB6,
- 0x19, 0xC6, 0x92, 0x26, 0xE4, 0x28, 0x06, 0x50, 0x50, 0x0E, 0x78, 0x2E, 0xA9,
- 0x78, 0x0D, 0x14, 0x97, 0xB4, 0x12, 0xD8, 0x31, 0x40, 0xAB, 0xA1, 0x01, 0x41,
- 0xC2, 0x30, 0xF8, 0x07, 0x5F, 0x16, 0xE4, 0x61, 0x77, 0xD2, 0x60, 0xF2, 0x9F,
- 0x8D, 0xE8, 0xF4, 0xBA, 0xEB, 0x63, 0xDE, 0x2A, 0x97, 0x81, 0xEF, 0x4C, 0x6C,
- 0xE6, 0x55, 0x34, 0x51, 0x2B, 0x28, 0x34, 0xF4, 0x53, 0x1C, 0xC4, 0x58, 0x0A,
- 0x3F, 0xBB, 0xAF, 0xB5, 0xF7, 0x4A, 0x85, 0x43, 0x2D, 0x3C, 0xF1, 0x58, 0x58,
- 0x81, 0x02, 0x81, 0x81, 0x00, 0xF2, 0x2C, 0x54, 0x76, 0x39, 0x23, 0x63, 0xC9,
- 0x10, 0x32, 0xB7, 0x93, 0xAD, 0xAF, 0xBE, 0x19, 0x75, 0x96, 0x81, 0x64, 0xE6,
- 0xB5, 0xB8, 0x89, 0x42, 0x41, 0xD1, 0x6D, 0xD0, 0x1C, 0x1B, 0xF8, 0x1B, 0xAC,
- 0x69, 0xCB, 0x36, 0x3C, 0x64, 0x7D, 0xDC, 0xF4, 0x19, 0xB8, 0xC3, 0x60, 0xB1,
- 0x57, 0x48, 0x5F, 0x52, 0x4F, 0x59, 0x3A, 0x55, 0x7F, 0x32, 0xC0, 0x19, 0x43,
- 0x50, 0x3F, 0xAE, 0xCE, 0x6F, 0x17, 0xF3, 0x0E, 0x9F, 0x40, 0xCA, 0x4E, 0xAD,
- 0x15, 0x3B, 0xC9, 0x79, 0xE9, 0xC0, 0x59, 0x38, 0x73, 0x70, 0x9C, 0x0A, 0x7C,
- 0xC9, 0x3A, 0x48, 0x32, 0xA7, 0xD8, 0x49, 0x75, 0x0A, 0x85, 0xC2, 0xC2, 0xFD,
- 0x15, 0x73, 0xDA, 0x99, 0x09, 0x2A, 0x69, 0x9A, 0x9F, 0x0A, 0x71, 0xBF, 0xB0,
- 0x04, 0xA6, 0x8C, 0x7A, 0x5A, 0x6F, 0x48, 0x5A, 0x54, 0x3B, 0xC6, 0xB1, 0x53,
- 0x17, 0xDF, 0xE7, 0x02, 0x81, 0x81, 0x00, 0xCB, 0x93, 0xDE, 0x77, 0x15, 0x5D,
- 0xB7, 0x5C, 0x5C, 0x7C, 0xD8, 0x90, 0xA9, 0x98, 0x2D, 0xD6, 0x69, 0x0E, 0x63,
- 0xB3, 0xA3, 0xDC, 0xA6, 0xCC, 0x8B, 0x6A, 0xA4, 0xA2, 0x12, 0x8C, 0x8E, 0x7B,
- 0x48, 0x2C, 0xB2, 0x4B, 0x37, 0xDC, 0x06, 0x18, 0x7D, 0xEA, 0xFE, 0x76, 0xA1,
- 0xD4, 0xA1, 0xE9, 0x3F, 0x0D, 0xCD, 0x1B, 0x5F, 0xAF, 0x5F, 0x9E, 0x96, 0x5B,
- 0x5B, 0x0F, 0xA1, 0x7C, 0xAF, 0xB3, 0x9B, 0x90, 0xDB, 0x57, 0x73, 0x3A, 0xED,
- 0xB0, 0x23, 0x44, 0xAE, 0x41, 0x4F, 0x1F, 0x07, 0x42, 0x13, 0x23, 0x4C, 0xCB,
- 0xFA, 0xF4, 0x14, 0xA4, 0xD5, 0xF7, 0x9E, 0x36, 0x7C, 0x5B, 0x9F, 0xA8, 0x3C,
- 0xC1, 0x85, 0x5F, 0x74, 0xD2, 0x39, 0x2D, 0xFF, 0xD0, 0x84, 0xDF, 0xFB, 0xB3,
- 0x20, 0x7A, 0x2E, 0x9B, 0x17, 0xAE, 0xE6, 0xBA, 0x0B, 0xAE, 0x5F, 0x53, 0xA4,
- 0x52, 0xED, 0x1B, 0xC4, 0x91, 0x02, 0x81, 0x81, 0x00, 0xEC, 0x98, 0xDA, 0xBB,
- 0xD5, 0xFE, 0xF9, 0x52, 0x4A, 0x7D, 0x02, 0x55, 0x49, 0x6F, 0x55, 0x6E, 0x52,
- 0x2F, 0x84, 0xA3, 0x2B, 0xB3, 0x86, 0x62, 0xB3, 0x54, 0xD2, 0x63, 0x52, 0xDA,
- 0xE3, 0x88, 0x76, 0xA0, 0xEF, 0x8B, 0x15, 0xA5, 0xD3, 0x18, 0x14, 0x72, 0x77,
- 0x5E, 0xC7, 0xA3, 0x04, 0x1F, 0x9E, 0x19, 0x62, 0xB5, 0x1B, 0x1B, 0x9E, 0xC3,
- 0xF2, 0xB5, 0x32, 0xF9, 0x4C, 0xC1, 0xAA, 0xEB, 0x0C, 0x26, 0x7D, 0xD4, 0x5F,
- 0x4A, 0x51, 0x5C, 0xA4, 0x45, 0x06, 0x70, 0x44, 0xA7, 0x56, 0xC0, 0xD4, 0x22,
- 0x14, 0x76, 0x9E, 0xD8, 0x63, 0x50, 0x89, 0x90, 0xD3, 0xE2, 0xBF, 0x81, 0x95,
- 0x92, 0x31, 0x41, 0x87, 0x39, 0x1A, 0x43, 0x0B, 0x18, 0xA5, 0x53, 0x1F, 0x39,
- 0x1A, 0x5F, 0x1F, 0x43, 0xBC, 0x87, 0x6A, 0xDF, 0x6E, 0xD3, 0x22, 0x00, 0xFE,
- 0x22, 0x98, 0x70, 0x4E, 0x1A, 0x19, 0x29, 0x02, 0x81, 0x81, 0x00, 0x8A, 0x41,
- 0x56, 0x28, 0x51, 0x9E, 0x5F, 0xD4, 0x9E, 0x0B, 0x3B, 0x98, 0xA3, 0x54, 0xF2,
- 0x6C, 0x56, 0xD4, 0xAA, 0xE9, 0x69, 0x33, 0x85, 0x24, 0x0C, 0xDA, 0xD4, 0x0C,
- 0x2D, 0xC4, 0xBF, 0x4F, 0x02, 0x69, 0x38, 0x7C, 0xD4, 0xE6, 0xDC, 0x4C, 0xED,
- 0xD7, 0x16, 0x11, 0xC3, 0x3E, 0x00, 0xE7, 0xC3, 0x26, 0xC0, 0x51, 0x02, 0xDE,
- 0xBB, 0x75, 0x9C, 0x6F, 0x56, 0x9C, 0x7A, 0xF3, 0x8E, 0xEF, 0xCF, 0x8A, 0xC5,
- 0x2B, 0xD2, 0xDA, 0x06, 0x6A, 0x44, 0xC9, 0x73, 0xFE, 0x6E, 0x99, 0x87, 0xF8,
- 0x5B, 0xBE, 0xF1, 0x7C, 0xE6, 0x65, 0xB5, 0x4F, 0x6C, 0xF0, 0xC9, 0xC5, 0xFF,
- 0x16, 0xCA, 0x8B, 0x1B, 0x17, 0xE2, 0x58, 0x3D, 0xA2, 0x37, 0xAB, 0x01, 0xBC,
- 0xBF, 0x40, 0xCE, 0x53, 0x8C, 0x8E, 0xED, 0xEF, 0xEE, 0x59, 0x9D, 0xE0, 0x63,
- 0xE6, 0x7C, 0x5E, 0xF5, 0x8E, 0x4B, 0xF1, 0x3B, 0xC1, 0x02, 0x81, 0x80, 0x4D,
- 0x45, 0xF9, 0x40, 0x8C, 0xC5, 0x5B, 0xF4, 0x2A, 0x1A, 0x8A, 0xB4, 0xF2, 0x1C,
- 0xAC, 0x6B, 0xE9, 0x0C, 0x56, 0x36, 0xB7, 0x4E, 0x72, 0x96, 0xD5, 0xE5, 0x8A,
- 0xD2, 0xE2, 0xFF, 0xF1, 0xF1, 0x18, 0x13, 0x3D, 0x86, 0x09, 0xB8, 0xD8, 0x76,
- 0xA7, 0xC9, 0x1C, 0x71, 0x52, 0x94, 0x30, 0x43, 0xE0, 0xF1, 0x78, 0x74, 0xFD,
- 0x61, 0x1B, 0x4C, 0x09, 0xCC, 0xE6, 0x68, 0x2A, 0x71, 0xAD, 0x1C, 0xDF, 0x43,
- 0xBC, 0x56, 0xDB, 0xA5, 0xA4, 0xBE, 0x35, 0x70, 0xA4, 0x5E, 0xCF, 0x4F, 0xFC,
- 0x00, 0x55, 0x99, 0x3A, 0x3D, 0x23, 0xCF, 0x67, 0x5A, 0xF5, 0x22, 0xF8, 0xB5,
- 0x29, 0xD0, 0x44, 0x11, 0xEB, 0x35, 0x2E, 0x46, 0xBE, 0xFD, 0x8E, 0x18, 0xB2,
- 0x5F, 0xA8, 0xBF, 0x19, 0x32, 0xA1, 0xF5, 0xDC, 0x03, 0xE6, 0x7C, 0x9A, 0x1F,
- 0x0C, 0x7C, 0xA9, 0xB0, 0x0E, 0x21, 0x37, 0x3B, 0xF1, 0xB0};
-
-uint8_t rsa_256_keydata[] = {
- 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
- 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A,
- 0x02, 0x82, 0x01, 0x01, 0x00, 0xDB, 0x1C, 0x7F, 0x2E, 0x0B, 0xCD, 0xBF, 0xCE, 0xD1,
- 0x75, 0x10, 0xA0, 0xA2, 0xB8, 0xCE, 0x7D, 0xAA, 0xE2, 0x05, 0xE0, 0x7A, 0xD8, 0x44,
- 0x63, 0x8F, 0xB5, 0xBD, 0xC0, 0xB0, 0x19, 0xB9, 0x37, 0xB8, 0x19, 0x4A, 0x0E, 0xF1,
- 0x5D, 0x74, 0x80, 0x67, 0x46, 0x87, 0x06, 0xDE, 0x5B, 0x7F, 0x06, 0x03, 0xBD, 0xC1,
- 0x8D, 0x5E, 0x07, 0x15, 0xD4, 0x5B, 0xF4, 0xDC, 0xE5, 0xCF, 0x3D, 0xF9, 0xC1, 0x11,
- 0x2C, 0xAE, 0x6A, 0xB9, 0x8A, 0xBD, 0x1D, 0x67, 0x66, 0x17, 0xEA, 0x4E, 0xBD, 0xDB,
- 0x15, 0x9A, 0x82, 0x87, 0xE4, 0xF0, 0x78, 0xC3, 0xA3, 0x85, 0x87, 0xB0, 0xFD, 0x9F,
- 0xA9, 0x99, 0x5F, 0xE3, 0x33, 0xEC, 0xCC, 0xEA, 0x0B, 0xB5, 0x61, 0x5E, 0xF1, 0x49,
- 0x7E, 0x3F, 0xA3, 0x2D, 0xEA, 0x01, 0x0C, 0xCC, 0x42, 0x9A, 0x76, 0x9B, 0xC4, 0xD0,
- 0x37, 0xD3, 0xB1, 0x17, 0x01, 0x61, 0x01, 0x16, 0x59, 0x7E, 0x1C, 0x17, 0xC3, 0x53,
- 0xFD, 0xD1, 0x72, 0xCB, 0x4C, 0x60, 0x15, 0xDA, 0x7D, 0xE2, 0xEA, 0xAD, 0x50, 0xEF,
- 0x8E, 0xE2, 0x8B, 0xD4, 0x6A, 0x77, 0x55, 0xD6, 0x70, 0xD9, 0x6B, 0xBB, 0xF1, 0xEE,
- 0x39, 0x04, 0x38, 0xA3, 0xBD, 0xE2, 0xD1, 0xE0, 0x66, 0x6B, 0xE2, 0x9C, 0x47, 0x99,
- 0xE9, 0x28, 0xE6, 0xB6, 0xFC, 0x2E, 0xCA, 0x67, 0x43, 0x84, 0xE8, 0xD5, 0x83, 0xD6,
- 0x9D, 0x98, 0x6B, 0x01, 0x3E, 0x81, 0xDC, 0x3C, 0x7A, 0xCA, 0xF9, 0xF3, 0x9C, 0xF7,
- 0xD6, 0x28, 0x1B, 0x27, 0x78, 0x7C, 0xC3, 0xD0, 0xD5, 0x63, 0xA7, 0x81, 0x34, 0x89,
- 0xAD, 0x25, 0x6A, 0xBD, 0xF2, 0xEA, 0xED, 0xFA, 0x57, 0xFC, 0xE5, 0x34, 0xC6, 0xC1,
- 0x0F, 0x71, 0x2D, 0xD2, 0x08, 0x10, 0x1B, 0xAD, 0x44, 0x41, 0xE0, 0xFE, 0x79, 0xA0,
- 0x63, 0x93, 0x8A, 0xB1, 0x5D, 0xE9, 0xB0, 0xEE, 0x6F, 0x02, 0x03, 0x01, 0x00, 0x01};
-
-uint8_t ec_keydata[] = {
- 0x30, 0x49, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06,
- 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x01, 0x03, 0x32, 0x00, 0x04, 0xBC,
- 0x79, 0x7D, 0xB3, 0xAE, 0x7F, 0x08, 0xEC, 0x3D, 0x49, 0x6B, 0x4F, 0xB4, 0x11, 0xB3,
- 0xF6, 0x20, 0xA5, 0x58, 0xA5, 0x01, 0xE0, 0x22, 0x2D, 0x08, 0xCF, 0xE0, 0xDC, 0x8A,
- 0xEC, 0x8B, 0x1A, 0x7B, 0xF2, 0x4B, 0xE9, 0x29, 0x51, 0xCC, 0x5B, 0xA1, 0xBE, 0xBB,
- 0x24, 0x74, 0x90, 0x9A, 0xE0};
-
-uint8_t ec_keypair[] = {
- 0x30, 0x5F, 0x02, 0x01, 0x01, 0x04, 0x18, 0x33, 0x8E, 0x86, 0xA8, 0x81, 0xE2, 0x38,
- 0xF5, 0x49, 0xBD, 0x6F, 0x05, 0x53, 0x49, 0x4B, 0x73, 0xE3, 0xD6, 0x11, 0x30, 0xFD,
- 0xC6, 0xC9, 0x6D, 0xA0, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01,
- 0x01, 0xA1, 0x34, 0x03, 0x32, 0x00, 0x04, 0x51, 0x75, 0xBC, 0xDF, 0x30, 0xA3, 0x70,
- 0xF3, 0x9D, 0x53, 0x93, 0xE6, 0x12, 0x72, 0x88, 0xD8, 0x01, 0x67, 0xB5, 0xF4, 0xB4,
- 0xB7, 0x76, 0xC6, 0x74, 0xF7, 0xC6, 0xF3, 0x54, 0xB7, 0xD2, 0x24, 0x06, 0x2C, 0x1F,
- 0x68, 0x54, 0xB5, 0xA7, 0xAF, 0x0F, 0xE5, 0x78, 0xEA, 0xF2, 0x58, 0xF0, 0x27};
-
-
-test_data check1[] = {
-{"Test psa_set_key_lifetime 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
- PSA_KEY_LIFETIME_VOLATILE, BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
+static test_data check1[] = {
+{"Test psa_allocate_key 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
+ AES_16B_KEY_SIZE, PSA_SUCCESS
},
-#ifdef NO_SUPPORT
-/* PSA crypto doesn't support these test scenarios */
-{"Test psa_set_key_lifetime 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
-{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
- 0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9},
- AES_24B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
- PSA_KEY_LIFETIME_PERSISTENT, BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_SUCCESS
+{"Test psa_allocate_key 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
+ AES_24B_KEY_SIZE, PSA_SUCCESS
},
-{"Test psa_set_key_lifetime 32 Byte AES\n", 3, PSA_KEY_TYPE_AES,
-{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
- 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
- 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
- AES_32B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
- PSA_KEY_LIFETIME_WRITE_ONCE, BYTES_TO_BITS(AES_32B_KEY_SIZE), AES_32B_KEY_SIZE, PSA_SUCCESS
-},
-#endif
-
-{"Test psa_set_key_lifetime 2048 RSA public key\n", 4, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
- {0},
- 294, PSA_KEY_USAGE_SIGN, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
- PSA_KEY_LIFETIME_VOLATILE, 2048, 294, PSA_SUCCESS
+{"Test psa_allocate_key 32 Byte AES\n", 3, PSA_KEY_TYPE_AES,
+ AES_32B_KEY_SIZE, PSA_SUCCESS
},
-#ifdef NO_SUPPORT
-/* PSA crypto doesn't support these test scenarios */
-{"Test psa_set_key_lifetime with RSA 2048 keypair\n", 5, PSA_KEY_TYPE_RSA_KEYPAIR,
- {0},
- 1193, PSA_KEY_USAGE_VERIFY, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
- PSA_KEY_LIFETIME_PERSISTENT, 2048, 1193, PSA_SUCCESS
+{"Test psa_allocate_key 2048 RSA public key\n", 4, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+ 294, PSA_SUCCESS
},
-{"Test psa_set_key_lifetime with DES 64 bit key\n", 6, PSA_KEY_TYPE_DES,
- {0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
- DES_8B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
- PSA_KEY_LIFETIME_WRITE_ONCE, BYTES_TO_BITS(DES_8B_KEY_SIZE), DES_8B_KEY_SIZE, PSA_SUCCESS
-},
-#endif
-
-{"Test psa_set_key_lifetime with Triple DES 2-Key\n", 7, PSA_KEY_TYPE_DES,
-{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
- DES3_2KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
- PSA_KEY_LIFETIME_VOLATILE, BYTES_TO_BITS(DES3_2KEY_SIZE), DES3_2KEY_SIZE, PSA_SUCCESS
+{"Test psa_allocate_key with RSA 2048 keypair\n", 5, PSA_KEY_TYPE_RSA_KEYPAIR,
+ 1193, PSA_SUCCESS
},
-#ifdef NO_SUPPORT
-/* PSA crypto doesn't support these test scenarios */
-{"Test psa_set_key_lifetime with Triple DES 3-Key\n", 8, PSA_KEY_TYPE_DES,
-{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
- 0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
- 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
- DES3_3KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
- PSA_KEY_LIFETIME_PERSISTENT, BYTES_TO_BITS(DES3_3KEY_SIZE), DES3_3KEY_SIZE, PSA_SUCCESS
-},
-#endif
-
-{"Test psa_set_key_lifetime with EC Public key\n", 9,
- PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | PSA_ECC_CURVE_SECP192R1,
- {0},
- 75, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
- PSA_KEY_LIFETIME_VOLATILE, 192, 75, PSA_SUCCESS
+{"Test psa_allocate_key with DES 64 bit key\n", 6, PSA_KEY_TYPE_DES,
+ DES_8B_KEY_SIZE, PSA_SUCCESS
},
-{"Test psa_set_key_lifetime with EC keypair\n", 10,
- PSA_KEY_TYPE_ECC_KEYPAIR_BASE | PSA_ECC_CURVE_SECP192R1,
- {0},
- 97, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
- PSA_KEY_LIFETIME_VOLATILE, 192, 97, PSA_SUCCESS
-},
-};
-
-
-test_data check2[] = {
-{"Test psa_set_key_lifetime with invalid key slot\n", INVALID_KEY_SLOT, PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE, PSA_KEY_LIFETIME_VOLATILE,
- BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+{"Test psa_allocate_key with Triple DES 2-Key\n", 7, PSA_KEY_TYPE_DES,
+ DES3_2KEY_SIZE, PSA_SUCCESS
},
-{"Test psa_set_key_lifetime with zero key slot\n", ZERO_KEY_SLOT, PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE, PSA_KEY_LIFETIME_VOLATILE,
- BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+{"Test psa_allocate_key with Triple DES 3-Key\n", 8, PSA_KEY_TYPE_DES,
+ DES3_3KEY_SIZE, PSA_SUCCESS
},
-{"Test psa_set_key_lifetime with invalid lifetime\n", 11, PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE, PSA_KEY_LIFETIME_INVALID,
- BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+{"Test psa_allocate_key with EC Public key\n", 9,
+ 75, PSA_SUCCESS
},
-#ifdef NO_SUPPORT
-{"Test psa_set_key_lifetime with occupied slot\n", 11, PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE, PSA_KEY_LIFETIME_VOLATILE,
- BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_OCCUPIED_SLOT
+{"Test psa_allocate_key with EC keypair\n", 10,
+ 97, PSA_SUCCESS
},
-#endif
-
};
diff --git a/api-tests/dev_apis/crypto/test_c010/test_c010.c b/api-tests/dev_apis/crypto/test_c010/test_c010.c
index 083d5a9..290c91f 100644
--- a/api-tests/dev_apis/crypto/test_c010/test_c010.c
+++ b/api-tests/dev_apis/crypto/test_c010/test_c010.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,14 +15,8 @@
* limitations under the License.
**/
-#ifdef NONSECURE_TEST_BUILD
#include "val_interfaces.h"
#include "val_target.h"
-#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
-#endif
-
#include "test_c010.h"
#include "test_data.h"
#include "val_crypto.h"
@@ -34,35 +28,35 @@
NULL,
};
-int g_test_count;
+static int g_test_count = 1;
int32_t psa_get_key_lifetime_test(security_t caller)
{
- int32_t status = VAL_STATUS_SUCCESS;
uint8_t *key_data;
psa_key_policy_t policy;
int num_checks = sizeof(check1)/sizeof(check1[0]);
- uint32_t i;
+ int32_t i, status;
psa_key_lifetime_t lifetime;
- g_test_count = 1;
-
/* Initialize the PSA crypto library*/
- if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
- {
- return VAL_STATUS_INIT_FAILED;
- }
-
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
/* Set the key data buffer to the input base on algorithm */
for (i = 0; i < num_checks; i++)
{
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
{
if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
@@ -98,47 +92,25 @@
val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
check1[i].key_alg);
- /* Set the usage policy on a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_slot, &policy);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA set key policy failed\n", 0);
- return status;
- }
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(3));
- /* Change the lifetime of a key slot */
- status = val->crypto_function(VAL_CRYPTO_SET_KEY_LIFETIME, check1[i].key_slot,
- check1[i].lifetime);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA set key lifetime failed\n", 0);
- return status;
- }
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle, &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
/* Import the key data into the key slot */
- status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_slot,
- check1[i].key_type, key_data, check1[i].key_length);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA import key failed\n", 0);
- return status;
- }
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
+ check1[i].key_type, key_data, check1[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
/* Get the lifetime of a key slot */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_LIFETIME, check1[i].key_slot,
- &lifetime);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA get key lifetime failed\n", 0);
- return status;
- }
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_LIFETIME, check1[i].key_handle, &lifetime);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
- if (lifetime != check1[i].lifetime)
- {
- val->print(PRINT_ERROR, "\tKey lifetime mismatch\n", 0);
- return VAL_STATUS_DATA_MISMATCH;
- }
-
+ TEST_ASSERT_EQUAL(lifetime, check1[i].lifetime, TEST_CHECKPOINT_NUM(7));
}
return VAL_STATUS_SUCCESS;
@@ -146,36 +118,52 @@
int32_t psa_get_key_lifetime_negative_test(security_t caller)
{
- int32_t status = VAL_STATUS_SUCCESS;
int num_checks = sizeof(check2)/sizeof(check2[0]);
- uint32_t i;
+ int32_t i, status;
psa_key_lifetime_t lifetime;
psa_key_policy_t policy;
/* Initialize the PSA crypto library*/
- if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
- {
- return VAL_STATUS_INIT_FAILED;
- }
-
- /* Initialize a key policy structure to a default that forbids all
- * usage of the key
- */
- val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
for (i = 0; i < num_checks; i++)
{
- val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
- val->print(PRINT_TEST, check2[i].test_desc, 0);
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_get_key_lifetime with invalid key handle\n",
+ g_test_count++);
+ /* Get the lifetime of a key slot */
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_LIFETIME, check2[i].key_handle, &lifetime);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_get_key_lifetime with zero as key handle\n",
+ g_test_count++);
+ /* Get the lifetime of a key slot */
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_LIFETIME, 0, &lifetime);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_get_key_lifetime with empty key handle\n",
+ g_test_count++);
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check2[i].key_type,
+ check2[i].key_length, &check2[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle, &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
/* Get the lifetime of a key slot */
- status = val->crypto_function(VAL_CRYPTO_GET_KEY_LIFETIME, check2[i].key_slot,
- &lifetime);
- if (status != check2[i].expected_status)
- {
- val->print(PRINT_ERROR, "\tPSA get key lifetime failed\n", 0);
- return VAL_STATUS_INVALID;
- }
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_LIFETIME, check2[i].key_handle, &lifetime);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c010/test_c010.h b/api-tests/dev_apis/crypto/test_c010/test_c010.h
index 370bbcc..03308e8 100644
--- a/api-tests/dev_apis/crypto/test_c010/test_c010.h
+++ b/api-tests/dev_apis/crypto/test_c010/test_c010.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,7 +18,6 @@
#define _TEST_C010_CLIENT_TESTS_H_
#include "val_crypto.h"
-
#define test_entry CONCAT(test_entry_,c010)
#define val CONCAT(val,test_entry)
#define psa CONCAT(psa,test_entry)
diff --git a/api-tests/dev_apis/crypto/test_c010/test_data.h b/api-tests/dev_apis/crypto/test_c010/test_data.h
index 42d3a00..16f896d 100644
--- a/api-tests/dev_apis/crypto/test_c010/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c010/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -17,11 +17,9 @@
#include "val_crypto.h"
-#define EMPTY_KEY_SLOT 31
-
typedef struct {
char test_desc[75];
- psa_key_slot_t key_slot;
+ psa_key_handle_t key_handle;
psa_key_type_t key_type;
uint8_t key_data[34];
uint32_t key_length;
@@ -33,10 +31,10 @@
psa_status_t expected_status;
} test_data;
-uint8_t rsa_384_keypair[1];
-uint8_t rsa_384_keydata[1];
+static uint8_t rsa_384_keypair[1];
+static uint8_t rsa_384_keydata[1];
-uint8_t rsa_256_keypair[] = {
+static uint8_t rsa_256_keypair[] = {
0x30, 0x82, 0x04, 0xA5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC0,
0x95, 0x08, 0xE1, 0x57, 0x41, 0xF2, 0x71, 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27,
0x01, 0x65, 0xC6, 0x45, 0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, 0x2F,
@@ -130,7 +128,7 @@
0x5F, 0xA8, 0xBF, 0x19, 0x32, 0xA1, 0xF5, 0xDC, 0x03, 0xE6, 0x7C, 0x9A, 0x1F,
0x0C, 0x7C, 0xA9, 0xB0, 0x0E, 0x21, 0x37, 0x3B, 0xF1, 0xB0};
-uint8_t rsa_256_keydata[] = {
+static uint8_t rsa_256_keydata[] = {
0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A,
0x02, 0x82, 0x01, 0x01, 0x00, 0xDB, 0x1C, 0x7F, 0x2E, 0x0B, 0xCD, 0xBF, 0xCE, 0xD1,
@@ -153,7 +151,7 @@
0x0F, 0x71, 0x2D, 0xD2, 0x08, 0x10, 0x1B, 0xAD, 0x44, 0x41, 0xE0, 0xFE, 0x79, 0xA0,
0x63, 0x93, 0x8A, 0xB1, 0x5D, 0xE9, 0xB0, 0xEE, 0x6F, 0x02, 0x03, 0x01, 0x00, 0x01};
-uint8_t ec_keydata[] = {
+static uint8_t ec_keydata[] = {
0x30, 0x49, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06,
0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x01, 0x03, 0x32, 0x00, 0x04, 0xBC,
0x79, 0x7D, 0xB3, 0xAE, 0x7F, 0x08, 0xEC, 0x3D, 0x49, 0x6B, 0x4F, 0xB4, 0x11, 0xB3,
@@ -161,7 +159,7 @@
0xEC, 0x8B, 0x1A, 0x7B, 0xF2, 0x4B, 0xE9, 0x29, 0x51, 0xCC, 0x5B, 0xA1, 0xBE, 0xBB,
0x24, 0x74, 0x90, 0x9A, 0xE0};
-uint8_t ec_keypair[] = {
+static uint8_t ec_keypair[] = {
0x30, 0x5F, 0x02, 0x01, 0x01, 0x04, 0x18, 0x33, 0x8E, 0x86, 0xA8, 0x81, 0xE2, 0x38,
0xF5, 0x49, 0xBD, 0x6F, 0x05, 0x53, 0x49, 0x4B, 0x73, 0xE3, 0xD6, 0x11, 0x30, 0xFD,
0xC6, 0xC9, 0x6D, 0xA0, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01,
@@ -170,11 +168,11 @@
0xB7, 0x76, 0xC6, 0x74, 0xF7, 0xC6, 0xF3, 0x54, 0xB7, 0xD2, 0x24, 0x06, 0x2C, 0x1F,
0x68, 0x54, 0xB5, 0xA7, 0xAF, 0x0F, 0xE5, 0x78, 0xEA, 0xF2, 0x58, 0xF0, 0x27};
-test_data check1[] = {
+static test_data check1[] = {
{"Test psa_get_key_lifetime 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
PSA_KEY_LIFETIME_VOLATILE, BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
},
@@ -183,7 +181,7 @@
{"Test psa_get_key_lifetime 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9},
- AES_24B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ AES_24B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR,
PSA_KEY_LIFETIME_PERSISTENT, BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_SUCCESS
},
@@ -191,7 +189,7 @@
{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
- AES_32B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ AES_32B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_CTR,
PSA_KEY_LIFETIME_WRITE_ONCE, BYTES_TO_BITS(AES_32B_KEY_SIZE), AES_32B_KEY_SIZE, PSA_SUCCESS
},
#endif
@@ -212,7 +210,7 @@
{"Test psa_get_key_lifetime with DES 64 bit key\n", 6, PSA_KEY_TYPE_DES,
{0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
- DES_8B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ DES_8B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
PSA_KEY_LIFETIME_WRITE_ONCE, BYTES_TO_BITS(DES_8B_KEY_SIZE), DES_8B_KEY_SIZE, PSA_SUCCESS
},
#endif
@@ -220,7 +218,7 @@
{"Test psa_get_key_lifetime with Triple DES 2-Key\n", 7, PSA_KEY_TYPE_DES,
{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
- DES3_2KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ DES3_2KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
PSA_KEY_LIFETIME_VOLATILE, BYTES_TO_BITS(DES3_2KEY_SIZE), DES3_2KEY_SIZE, PSA_SUCCESS
},
@@ -230,7 +228,7 @@
{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
- DES3_3KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ DES3_3KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
PSA_KEY_LIFETIME_PERSISTENT, BYTES_TO_BITS(DES3_3KEY_SIZE), DES3_3KEY_SIZE, PSA_SUCCESS
},
#endif
@@ -252,28 +250,11 @@
};
-test_data check2[] = {
-{"Test psa_get_key_lifetime with invalid key slot\n", INVALID_KEY_SLOT, PSA_KEY_TYPE_AES,
+static test_data check2[] = {
+{"Test psa_get_key_lifetime with negative cases\n", 11, PSA_KEY_TYPE_AES,
{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE, PSA_KEY_LIFETIME_VOLATILE,
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR, PSA_KEY_LIFETIME_VOLATILE,
BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
},
-
-{"Test psa_get_key_lifetime with zero key slot\n", ZERO_KEY_SLOT, PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE, PSA_KEY_LIFETIME_VOLATILE,
- BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
-},
-
-#ifdef NO_SUPPORT
-/* PSA crypto doesn't support these test scenarios */
-{"Test psa_get_key_lifetime with empty key slot\n", EMPTY_KEY_SLOT, PSA_KEY_TYPE_AES,
-{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
- 0x5F, 0xC9},
- AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE, PSA_KEY_LIFETIME_VOLATILE,
- BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
-},
-#endif
};
diff --git a/api-tests/dev_apis/crypto/test_c011/test_c011.c b/api-tests/dev_apis/crypto/test_c011/test_c011.c
index de2f79b..96fba0f 100644
--- a/api-tests/dev_apis/crypto/test_c011/test_c011.c
+++ b/api-tests/dev_apis/crypto/test_c011/test_c011.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,14 +15,8 @@
* limitations under the License.
**/
-#ifdef NONSECURE_TEST_BUILD
#include "val_interfaces.h"
#include "val_target.h"
-#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
-#endif
-
#include "test_c011.h"
#include "test_data.h"
#include "val_crypto.h"
@@ -33,35 +27,34 @@
NULL,
};
-int g_test_count;
+static int g_test_count = 1;
int32_t psa_hash_setup_test(security_t caller)
{
- int32_t status = VAL_STATUS_SUCCESS;
int num_checks = sizeof(check1)/sizeof(check1[0]);
- uint32_t i;
+ int32_t i, status;
psa_hash_operation_t operation;
- g_test_count = 1;
-
/* Initialize the PSA crypto library*/
- if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
- {
- return VAL_STATUS_INIT_FAILED;
- }
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
for (i = 0; i < num_checks; i++)
{
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
/* Start a multipart hash operation */
status = val->crypto_function(VAL_CRYPTO_HASH_SETUP, &operation, check1[i].alg);
- if (status != check1[i].expected_status)
- {
- val->print(PRINT_ERROR, "\tPSA hash setup failed", 0);
- return VAL_STATUS_INVALID;
- }
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(3));
+
+ /*Abort the hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
}
return VAL_STATUS_SUCCESS;
diff --git a/api-tests/dev_apis/crypto/test_c011/test_c011.h b/api-tests/dev_apis/crypto/test_c011/test_c011.h
index f14b239..3b33444 100644
--- a/api-tests/dev_apis/crypto/test_c011/test_c011.h
+++ b/api-tests/dev_apis/crypto/test_c011/test_c011.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,7 +18,6 @@
#define _TEST_C011_CLIENT_TESTS_H_
#include "val_crypto.h"
-
#define test_entry CONCAT(test_entry_,c011)
#define val CONCAT(val,test_entry)
#define psa CONCAT(psa,test_entry)
diff --git a/api-tests/dev_apis/crypto/test_c011/test_data.h b/api-tests/dev_apis/crypto/test_c011/test_data.h
index e3eead4..d62076c 100644
--- a/api-tests/dev_apis/crypto/test_c011/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c011/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -23,7 +23,7 @@
psa_status_t expected_status;
} test_data;
-test_data check1[] = {
+static test_data check1[] = {
{"Test psa_hash_setup with MD2 algorithm\n",
PSA_ALG_MD2, PSA_SUCCESS,
},
diff --git a/api-tests/dev_apis/crypto/test_c012/test_c012.c b/api-tests/dev_apis/crypto/test_c012/test_c012.c
index 2b67f9a..77a3c9e 100644
--- a/api-tests/dev_apis/crypto/test_c012/test_c012.c
+++ b/api-tests/dev_apis/crypto/test_c012/test_c012.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,14 +15,8 @@
* limitations under the License.
**/
-#ifdef NONSECURE_TEST_BUILD
#include "val_interfaces.h"
#include "val_target.h"
-#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
-#endif
-
#include "test_c012.h"
#include "test_data.h"
#include "val_crypto.h"
@@ -35,44 +29,39 @@
NULL,
};
-int g_test_count;
+static int g_test_count = 1;
int32_t psa_hash_update_test(security_t caller)
{
- int32_t status = VAL_STATUS_SUCCESS;
int num_checks = sizeof(check1)/sizeof(check1[0]);
- uint32_t i;
+ int32_t i, status;
psa_hash_operation_t operation;
- g_test_count = 1;
-
/* Initialize the PSA crypto library*/
- if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
- {
- return VAL_STATUS_INIT_FAILED;
- }
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
for (i = 0; i < num_checks; i++)
{
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
/* Start a multipart hash operation */
status = val->crypto_function(VAL_CRYPTO_HASH_SETUP, &operation, check1[i].alg);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA hash setup failed\n", 0);
- return VAL_STATUS_INVALID;
- }
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Add a message fragment to a multipart hash operation */
status = val->crypto_function(VAL_CRYPTO_HASH_UPDATE, &operation,
- check1[i].input, check1[i].input_length);
- if (status != check1[i].expected_status)
- {
- val->print(PRINT_ERROR, "\tPSA hash update failed\n", 0);
- return VAL_STATUS_INVALID;
- }
+ check1[i].input, check1[i].input_length);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
+
+ /*Abort the hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
}
return VAL_STATUS_SUCCESS;
@@ -80,34 +69,35 @@
int32_t psa_hash_update_invalid_handle(security_t caller)
{
- int32_t status = VAL_STATUS_SUCCESS;
- psa_hash_operation_t operation;
+ psa_hash_operation_t operation = {0};
uint8_t input[] = "Hello World";
size_t input_length = sizeof(input)/sizeof(input[0]);
+ int32_t status;
/* Initialize the PSA crypto library*/
- if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
- {
- return VAL_STATUS_INIT_FAILED;
- }
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, "Test psa_hash_update without hash setup\n", 0);
- status = val->crypto_function(VAL_CRYPTO_HASH_UPDATE, &operation,
- input, input_length);
- if (status != PSA_ERROR_INVALID_ARGUMENT)
- {
- val->print(PRINT_ERROR, "\tPSA hash update should have failed but succeeded\n", 0);
- return VAL_STATUS_INVALID;
- }
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Add a message fragment to a multipart hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_UPDATE, &operation, input, input_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_ARGUMENT, TEST_CHECKPOINT_NUM(3));
+
+ /*Abort the hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
return VAL_STATUS_SUCCESS;
}
int32_t psa_hash_update_with_completed_handle(security_t caller)
{
- int32_t status = VAL_STATUS_SUCCESS;
psa_hash_operation_t operation;
uint8_t input[] = {0xbd};
size_t input_length = sizeof(input)/sizeof(input[0]);
@@ -117,48 +107,39 @@
0x7D, 0xC4, 0xB5, 0xAA, 0xE1, 0x12, 0x04, 0xC0, 0x8F, 0xFE,
0x73, 0x2B};
size_t hash_length = sizeof(hash)/sizeof(hash[0]);
+ int32_t status;
/* Initialize the PSA crypto library*/
- if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
- {
- return VAL_STATUS_INIT_FAILED;
- }
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, "Test psa_hash_update with completed opertaion handle \n", 0);
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
/* Start a multipart hash operation */
status = val->crypto_function(VAL_CRYPTO_HASH_SETUP, &operation, alg);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA hash setup failed\n", 0);
- return VAL_STATUS_INVALID;
- }
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Add a message fragment to a multipart hash operation */
status = val->crypto_function(VAL_CRYPTO_HASH_UPDATE, &operation,
- input, input_length);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA hash update failed\n", 0);
- return VAL_STATUS_INVALID;
- }
+ input, input_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
/* Finish the calculation of the hash of a message and compare it with an expected value*/
status = val->crypto_function(VAL_CRYPTO_HASH_VERIFY, &operation, hash, hash_length);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA hash verify failed\n", 0);
- return VAL_STATUS_INVALID;
- }
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
/* Add a message fragment to a multipart hash operation */
- status = val->crypto_function(VAL_CRYPTO_HASH_UPDATE, &operation,
- input, input_length);
- if (status != PSA_ERROR_INVALID_ARGUMENT)
- {
- val->print(PRINT_ERROR, "\tPSA hash update should have failed but succeeded\n", 0);
- return VAL_STATUS_INVALID;
- }
+ status = val->crypto_function(VAL_CRYPTO_HASH_UPDATE, &operation, input, input_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_ARGUMENT, TEST_CHECKPOINT_NUM(6));
+
+ /*Abort the hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+
return VAL_STATUS_SUCCESS;
}
diff --git a/api-tests/dev_apis/crypto/test_c012/test_c012.h b/api-tests/dev_apis/crypto/test_c012/test_c012.h
index 196608e..ca36220 100644
--- a/api-tests/dev_apis/crypto/test_c012/test_c012.h
+++ b/api-tests/dev_apis/crypto/test_c012/test_c012.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,7 +18,6 @@
#define _TEST_C012_CLIENT_TESTS_H_
#include "val_crypto.h"
-
#define test_entry CONCAT(test_entry_,c012)
#define val CONCAT(val,test_entry)
#define psa CONCAT(psa,test_entry)
diff --git a/api-tests/dev_apis/crypto/test_c012/test_data.h b/api-tests/dev_apis/crypto/test_c012/test_data.h
index e7072b0..06325aa 100644
--- a/api-tests/dev_apis/crypto/test_c012/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c012/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -25,7 +25,7 @@
psa_status_t expected_status;
} test_data;
-test_data check1[] = {
+static test_data check1[] = {
{"Test psa_hash_update with MD2 algorithm\n",
PSA_ALG_MD2, "Hello World", 11, PSA_SUCCESS,
},
diff --git a/api-tests/dev_apis/crypto/test_c013/test_c013.c b/api-tests/dev_apis/crypto/test_c013/test_c013.c
index 5ba2878..73faa1d 100644
--- a/api-tests/dev_apis/crypto/test_c013/test_c013.c
+++ b/api-tests/dev_apis/crypto/test_c013/test_c013.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,14 +15,8 @@
* limitations under the License.
**/
-#ifdef NONSECURE_TEST_BUILD
#include "val_interfaces.h"
#include "val_target.h"
-#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
-#endif
-
#include "test_c013.h"
#include "test_data.h"
#include "val_crypto.h"
@@ -34,26 +28,28 @@
NULL,
};
-int g_test_count;
+static int g_test_count = 1;
int32_t psa_hash_verify_test(security_t caller)
{
- int32_t status = VAL_STATUS_SUCCESS;
int num_checks = sizeof(check1)/sizeof(check1[0]);
- uint32_t i;
+ int32_t i, status;
psa_hash_operation_t operation;
char *hash;
- g_test_count = 1;
-
/* Initialize the PSA crypto library*/
- if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
- {
- return VAL_STATUS_INIT_FAILED;
- }
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
for (i = 0; i < num_checks; i++)
{
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
if (check1[i].alg == PSA_ALG_SHA_384)
hash = sha384_hash;
else if (check1[i].alg == PSA_ALG_SHA_512)
@@ -61,34 +57,23 @@
else
hash = check1[i].hash;
- val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
- val->print(PRINT_TEST, check1[i].test_desc, 0);
-
/* Start a multipart hash operation */
status = val->crypto_function(VAL_CRYPTO_HASH_SETUP, &operation, check1[i].alg);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA hash setup failed\n", 0);
- return VAL_STATUS_INVALID;
- }
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Add a message fragment to a multipart hash operation */
status = val->crypto_function(VAL_CRYPTO_HASH_UPDATE, &operation,
- &check1[i].input, check1[i].input_length);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA hash update failed\n", 0);
- return VAL_STATUS_INVALID;
- }
+ &check1[i].input, check1[i].input_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
/* Finish the calculation of the hash of a message and compare it with an expected value*/
status = val->crypto_function(VAL_CRYPTO_HASH_VERIFY, &operation, hash,
- check1[i].hash_length);
- if (status != check1[i].expected_status)
- {
- val->print(PRINT_ERROR, "\tPSA hash verify failed\n", 0);
- return VAL_STATUS_INVALID;
- }
+ check1[i].hash_length);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(5));
+
+ /*Abort the hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
}
return VAL_STATUS_SUCCESS;
@@ -96,8 +81,7 @@
int32_t psa_hash_verify_inactive_operation_handle(security_t caller)
{
- int32_t status = VAL_STATUS_SUCCESS;
- psa_hash_operation_t operation;
+ psa_hash_operation_t operation, invalid_operation;
char input = 0xbd;
size_t input_length = 1;
psa_algorithm_t alg = PSA_ALG_SHA_256;
@@ -106,48 +90,47 @@
0x55, 0x4b, 0x31, 0x3d, 0x05, 0x70, 0xc9, 0x5a, 0xcc, 0xbb,
0x7d, 0xc4, 0xb5, 0xaa, 0xe1, 0x12, 0x04, 0xc0, 0x8f, 0xfe,
0x73, 0x2b};
+ int32_t status;
/* Initialize the PSA crypto library*/
- if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
- {
- return VAL_STATUS_INIT_FAILED;
- }
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
- val->print(PRINT_TEST, "test psa_hash_verify with inactive operation handle\n", 0);
+ val->print(PRINT_TEST, "test psa_hash_verify with inactive & invalid operation handle\n", 0);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
/* Start a multipart hash operation */
status = val->crypto_function(VAL_CRYPTO_HASH_SETUP, &operation, alg);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA hash setup failed\n", 0);
- return VAL_STATUS_INVALID;
- }
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Add a message fragment to a multipart hash operation */
status = val->crypto_function(VAL_CRYPTO_HASH_UPDATE, &operation,
- &input, input_length);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA hash update failed\n", 0);
- return VAL_STATUS_INVALID;
- }
+ &input, input_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
/* Finish the calculation of the hash of a message and compare it with an expected value*/
status = val->crypto_function(VAL_CRYPTO_HASH_VERIFY, &operation, hash, hash_length);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA hash verify failed\n", 0);
- return VAL_STATUS_INVALID;
- }
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
/* Retry the operation with completed operation handle */
status = val->crypto_function(VAL_CRYPTO_HASH_VERIFY, &operation, hash, hash_length);
- if (status != PSA_ERROR_INVALID_ARGUMENT)
- {
- val->print(PRINT_ERROR, "\tPSA hash verify should have failed but succeeded\n", 0);
- return VAL_STATUS_INVALID;
- }
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(6));
+
+ /* Retry the operation with invalid operation handle */
+ status = val->crypto_function(VAL_CRYPTO_HASH_VERIFY, &invalid_operation, hash, hash_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(7));
+
+ /*Abort the hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+
+ /*Abort the invalid hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_ABORT, &invalid_operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
return VAL_STATUS_SUCCESS;
}
diff --git a/api-tests/dev_apis/crypto/test_c013/test_c013.h b/api-tests/dev_apis/crypto/test_c013/test_c013.h
index 9708ec7..5135dda 100644
--- a/api-tests/dev_apis/crypto/test_c013/test_c013.h
+++ b/api-tests/dev_apis/crypto/test_c013/test_c013.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,7 +18,6 @@
#define _TEST_C013_CLIENT_TESTS_H_
#include "val_crypto.h"
-
#define test_entry CONCAT(test_entry_,c013)
#define val CONCAT(val,test_entry)
#define psa CONCAT(psa,test_entry)
diff --git a/api-tests/dev_apis/crypto/test_c013/test_data.h b/api-tests/dev_apis/crypto/test_c013/test_data.h
index a5d2df6..984faa1 100644
--- a/api-tests/dev_apis/crypto/test_c013/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c013/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -27,18 +27,18 @@
psa_status_t expected_status;
} test_data;
-char sha384_hash[] = {0x43, 0x72, 0xe3, 0x8a, 0x92, 0xa2, 0x8b, 0x5d, 0x2c, 0x39, 0x1e, 0x62,
+static char sha384_hash[] = {0x43, 0x72, 0xe3, 0x8a, 0x92, 0xa2, 0x8b, 0x5d, 0x2c, 0x39, 0x1e, 0x62,
0x45, 0x2a, 0x86, 0xd5, 0x0e, 0x02, 0x67, 0x22, 0x8b, 0xe1, 0x76, 0xc7, 0x7d, 0x24, 0x02, 0xef,
0xfe, 0x9f, 0xa5, 0x0d, 0xe4, 0x07, 0xbb, 0xb8, 0x51, 0xb3, 0x7d, 0x59, 0x04, 0xab, 0xa2, 0xde,
0xde, 0x74, 0xda, 0x2a};
-char sha512_hash[] = {0x29, 0x6e, 0x22, 0x67, 0xd7, 0x4c, 0x27, 0x8d, 0xaa, 0xaa, 0x94, 0x0d,
+static char sha512_hash[] = {0x29, 0x6e, 0x22, 0x67, 0xd7, 0x4c, 0x27, 0x8d, 0xaa, 0xaa, 0x94, 0x0d,
0x17, 0xb0, 0xcf, 0xb7, 0x4a, 0x50, 0x83, 0xf8, 0xe0, 0x69, 0x72, 0x6d, 0x8c, 0x84, 0x1c, 0xbe,
0x59, 0x6e, 0x04, 0x31, 0xcb, 0x77, 0x41, 0xa5, 0xb5, 0x0f, 0x71, 0x66, 0x6c, 0xfd, 0x54, 0xba,
0xcb, 0x7b, 0x00, 0xae, 0xa8, 0x91, 0x49, 0x9c, 0xf4, 0xef, 0x6a, 0x03, 0xc8, 0xa8, 0x3f, 0xe3,
0x7c, 0x3f, 0x7b, 0xaf};
-test_data check1[] = {
+static test_data check1[] = {
{"Test psa_hash_verify with MD2 algorithm\n",
PSA_ALG_MD2, 0xbd, 1,
{0x8c, 0x9c, 0x17, 0x66, 0x5d, 0x25, 0xb3, 0x5f, 0xc4, 0x13, 0xc4, 0x18, 0x05, 0xc6, 0x79, 0xcf},
diff --git a/api-tests/dev_apis/crypto/test_c014/test_c014.c b/api-tests/dev_apis/crypto/test_c014/test_c014.c
index e9a1196..2a66ff5 100644
--- a/api-tests/dev_apis/crypto/test_c014/test_c014.c
+++ b/api-tests/dev_apis/crypto/test_c014/test_c014.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,14 +15,8 @@
* limitations under the License.
**/
-#ifdef NONSECURE_TEST_BUILD
#include "val_interfaces.h"
#include "val_target.h"
-#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
-#endif
-
#include "test_c014.h"
#include "test_data.h"
#include "val_crypto.h"
@@ -35,27 +29,29 @@
NULL,
};
-int g_test_count;
+static int g_test_count = 1;
int32_t psa_hash_finish_test(security_t caller)
{
- int32_t status = VAL_STATUS_SUCCESS;
int num_checks = sizeof(check1)/sizeof(check1[0]);
- uint32_t i, j;
+ int32_t i, status;
psa_hash_operation_t operation;
char *expected_hash, hash[HASH_64B];
size_t hash_length, hash_size = sizeof(hash)/sizeof(hash[0]);
- g_test_count = 1;
-
/* Initialize the PSA crypto library*/
- if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
- {
- return VAL_STATUS_INIT_FAILED;
- }
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
for (i = 0; i < num_checks; i++)
{
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
if (check1[i].alg == PSA_ALG_SHA_384)
expected_hash = sha384_hash;
else if (check1[i].alg == PSA_ALG_SHA_512)
@@ -63,51 +59,35 @@
else
expected_hash = check1[i].hash;
- val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
- val->print(PRINT_TEST, check1[i].test_desc, 0);
-
/* Start a multipart hash operation */
status = val->crypto_function(VAL_CRYPTO_HASH_SETUP, &operation, check1[i].alg);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA hash setup failed\n", 0);
- return VAL_STATUS_INVALID;
- }
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Add a message fragment to a multipart hash operation */
status = val->crypto_function(VAL_CRYPTO_HASH_UPDATE, &operation,
- &check1[i].input, check1[i].input_length);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA hash update failed\n", 0);
- return VAL_STATUS_INVALID;
- }
+ &check1[i].input, check1[i].input_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
/* Finish the calculation of the hash of a message */
status = val->crypto_function(VAL_CRYPTO_HASH_FINISH, &operation, hash, hash_size,
- &hash_length);
- if (status != check1[i].expected_status)
- {
- val->print(PRINT_ERROR, "\tPSA hash finish failed\n", 0);
- return VAL_STATUS_INVALID;
- }
+ &hash_length);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(5));
- if (status != PSA_SUCCESS)
+ if (check1[i].expected_status != PSA_SUCCESS)
+ {
+ /*Abort the hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
continue;
+ }
- if (hash_length != PSA_HASH_SIZE(check1[i].alg))
- {
- val->print(PRINT_ERROR, "\tHash length mismatch\n", 0);
- return VAL_STATUS_INVALID;
- }
- for (j = 0; j < hash_length; j++)
- {
- if (hash[i] != expected_hash[i])
- {
- val->print(PRINT_ERROR, "\tHash data mismatch\n", 0);
- return VAL_STATUS_INVALID;
- }
- }
+ TEST_ASSERT_EQUAL(hash_length, PSA_HASH_SIZE(check1[i].alg), TEST_CHECKPOINT_NUM(7));
+
+ TEST_ASSERT_MEMCMP(hash, expected_hash, hash_length, TEST_CHECKPOINT_NUM(8));
+
+ /*Abort the hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
}
return VAL_STATUS_SUCCESS;
@@ -115,105 +95,88 @@
int32_t psa_hash_finish_inactive_operation_handle(security_t caller)
{
- int32_t status = VAL_STATUS_SUCCESS;
psa_hash_operation_t operation;
char input = 0xbd;
size_t input_length = 1;
psa_algorithm_t alg = PSA_ALG_SHA_256;
char hash[HASH_64B];
size_t hash_length, hash_size = sizeof(hash)/sizeof(hash[0]);
+ int32_t status;
/* Initialize the PSA crypto library*/
- if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
- {
- return VAL_STATUS_INIT_FAILED;
- }
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, "test psa_hash_finish with inactive operation handle\n", 0);
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
/* Start a multipart hash operation */
status = val->crypto_function(VAL_CRYPTO_HASH_SETUP, &operation, alg);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA hash setup failed\n", 0);
- return VAL_STATUS_INVALID;
- }
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Add a message fragment to a multipart hash operation */
status = val->crypto_function(VAL_CRYPTO_HASH_UPDATE, &operation,
- &input, input_length);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA hash update failed\n", 0);
- return VAL_STATUS_INVALID;
- }
+ &input, input_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
/* Finish the calculation of the hash of a message */
status = val->crypto_function(VAL_CRYPTO_HASH_FINISH, &operation, hash, hash_size,
- &hash_length);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA hash finish failed\n", 0);
- return VAL_STATUS_INVALID;
- }
+ &hash_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
/* Retry the operation with completed operation handle */
status = val->crypto_function(VAL_CRYPTO_HASH_FINISH, &operation, hash, hash_size,
- &hash_length);
- if (status != PSA_ERROR_INVALID_ARGUMENT)
- {
- val->print(PRINT_ERROR, "\tPSA hash finish should have failed\n", 0);
- return VAL_STATUS_INVALID;
- }
+ &hash_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_ARGUMENT, TEST_CHECKPOINT_NUM(6));
+
+ /*Abort the hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
return VAL_STATUS_SUCCESS;
}
int32_t psa_hash_finish_invalid_hash_buffer_size(security_t caller)
{
- int32_t status = VAL_STATUS_SUCCESS;
psa_hash_operation_t operation;
char input = 0xbd;
size_t input_length = 1;
psa_algorithm_t alg = PSA_ALG_SHA_256;
char hash[HASH_64B];
size_t hash_length, hash_size = 10;
+ int32_t status;
/* Initialize the PSA crypto library*/
- if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
- {
- return VAL_STATUS_INIT_FAILED;
- }
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, "test psa_hash_finish with invalid hash buffer size\n", 0);
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
/* Start a multipart hash operation */
status = val->crypto_function(VAL_CRYPTO_HASH_SETUP, &operation, alg);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA hash setup failed\n", 0);
- return VAL_STATUS_INVALID;
- }
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Add a message fragment to a multipart hash operation */
- status = val->crypto_function(VAL_CRYPTO_HASH_UPDATE, &operation,
- &input, input_length);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA hash update failed\n", 0);
- return VAL_STATUS_INVALID;
- }
+ status = val->crypto_function(VAL_CRYPTO_HASH_UPDATE, &operation, &input, input_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
/* Finish the calculation of the hash of a message */
status = val->crypto_function(VAL_CRYPTO_HASH_FINISH, &operation, hash, hash_size,
- &hash_length);
- if (status != PSA_ERROR_BUFFER_TOO_SMALL)
- {
- val->print(PRINT_ERROR, "\tPSA hash finish should have failed\n", 0);
- return VAL_STATUS_INVALID;
- }
+ &hash_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BUFFER_TOO_SMALL, TEST_CHECKPOINT_NUM(5));
+
+ /*Abort the hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
return VAL_STATUS_SUCCESS;
}
diff --git a/api-tests/dev_apis/crypto/test_c014/test_c014.h b/api-tests/dev_apis/crypto/test_c014/test_c014.h
index d3ee93f..348e07c 100644
--- a/api-tests/dev_apis/crypto/test_c014/test_c014.h
+++ b/api-tests/dev_apis/crypto/test_c014/test_c014.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,7 +18,6 @@
#define _TEST_C014_CLIENT_TESTS_H_
#include "val_crypto.h"
-
#define test_entry CONCAT(test_entry_,c014)
#define val CONCAT(val,test_entry)
#define psa CONCAT(psa,test_entry)
diff --git a/api-tests/dev_apis/crypto/test_c014/test_data.h b/api-tests/dev_apis/crypto/test_c014/test_data.h
index 6738c60..abf17d5 100644
--- a/api-tests/dev_apis/crypto/test_c014/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c014/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -27,18 +27,18 @@
psa_status_t expected_status;
} test_data;
-char sha384_hash[] = {0x43, 0x72, 0xe3, 0x8a, 0x92, 0xa2, 0x8b, 0x5d, 0x2c, 0x39, 0x1e, 0x62,
+static char sha384_hash[] = {0x43, 0x72, 0xe3, 0x8a, 0x92, 0xa2, 0x8b, 0x5d, 0x2c, 0x39, 0x1e, 0x62,
0x45, 0x2a, 0x86, 0xd5, 0x0e, 0x02, 0x67, 0x22, 0x8b, 0xe1, 0x76, 0xc7, 0x7d, 0x24, 0x02, 0xef,
0xfe, 0x9f, 0xa5, 0x0d, 0xe4, 0x07, 0xbb, 0xb8, 0x51, 0xb3, 0x7d, 0x59, 0x04, 0xab, 0xa2, 0xde,
0xde, 0x74, 0xda, 0x2a};
-char sha512_hash[] = {0x29, 0x6e, 0x22, 0x67, 0xd7, 0x4c, 0x27, 0x8d, 0xaa, 0xaa, 0x94, 0x0d,
+static char sha512_hash[] = {0x29, 0x6e, 0x22, 0x67, 0xd7, 0x4c, 0x27, 0x8d, 0xaa, 0xaa, 0x94, 0x0d,
0x17, 0xb0, 0xcf, 0xb7, 0x4a, 0x50, 0x83, 0xf8, 0xe0, 0x69, 0x72, 0x6d, 0x8c, 0x84, 0x1c, 0xbe,
0x59, 0x6e, 0x04, 0x31, 0xcb, 0x77, 0x41, 0xa5, 0xb5, 0x0f, 0x71, 0x66, 0x6c, 0xfd, 0x54, 0xba,
0xcb, 0x7b, 0x00, 0xae, 0xa8, 0x91, 0x49, 0x9c, 0xf4, 0xef, 0x6a, 0x03, 0xc8, 0xa8, 0x3f, 0xe3,
0x7c, 0x3f, 0x7b, 0xaf};
-test_data check1[] = {
+static test_data check1[] = {
{"Test psa_hash_finish with MD2 algorithm\n",
PSA_ALG_MD2, 0xbd, 1,
{0x8c, 0x9c, 0x17, 0x66, 0x5d, 0x25, 0xb3, 0x5f, 0xc4, 0x13, 0xc4, 0x18, 0x05, 0xc6, 0x79, 0xcf},
diff --git a/api-tests/dev_apis/crypto/test_c015/test_c015.c b/api-tests/dev_apis/crypto/test_c015/test_c015.c
index b31f560..0ff669a 100644
--- a/api-tests/dev_apis/crypto/test_c015/test_c015.c
+++ b/api-tests/dev_apis/crypto/test_c015/test_c015.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,14 +15,8 @@
* limitations under the License.
**/
-#ifdef NONSECURE_TEST_BUILD
#include "val_interfaces.h"
#include "val_target.h"
-#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
-#endif
-
#include "test_c015.h"
#include "test_data.h"
#include "val_crypto.h"
@@ -34,51 +28,38 @@
NULL,
};
-int g_test_count;
+static int g_test_count = 1;
int32_t psa_hash_abort_test(security_t caller)
{
- int32_t status = VAL_STATUS_SUCCESS;
int num_checks = sizeof(check1)/sizeof(check1[0]);
- uint32_t i;
+ int32_t i, status;
psa_hash_operation_t operation;
- g_test_count = 1;
-
/* Initialize the PSA crypto library*/
- if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
- {
- return VAL_STATUS_INIT_FAILED;
- }
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
for (i = 0; i < num_checks; i++)
{
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, check1[i].test_desc, 0);
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
/* Start a multipart hash operation */
status = val->crypto_function(VAL_CRYPTO_HASH_SETUP, &operation, check1[i].alg);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA hash setup failed\n", 0);
- return VAL_STATUS_INVALID;
- }
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Abort a hash operation */
status = val->crypto_function(VAL_CRYPTO_HASH_ABORT, &operation);
- if (status != check1[i].expected_status)
- {
- val->print(PRINT_ERROR, "\tPSA hash abort failed\n", 0);
- return VAL_STATUS_INVALID;
- }
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(4));
/* Multiple hash abort should succeed */
status = val->crypto_function(VAL_CRYPTO_HASH_ABORT, &operation);
- if (status != check1[i].expected_status)
- {
- val->print(PRINT_ERROR, "\tPSA hash abort failed\n", 0);
- return VAL_STATUS_INVALID;
- }
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(5));
}
@@ -87,56 +68,41 @@
int32_t psa_hash_abort_before_operation_finish(security_t caller)
{
- int32_t status = VAL_STATUS_SUCCESS;
psa_hash_operation_t operation;
char input = 0xbd;
size_t input_length = 1;
psa_algorithm_t alg = PSA_ALG_SHA_256;
char hash[HASH_64B];
size_t hash_length, hash_size = sizeof(hash)/sizeof(hash[0]);
+ int32_t status;
/* Initialize the PSA crypto library*/
- if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
- {
- return VAL_STATUS_INIT_FAILED;
- }
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
val->print(PRINT_TEST, "Test psa_hash_finish after calling psa_hash_abort\n", 0);
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
/* Start a multipart hash operation */
status = val->crypto_function(VAL_CRYPTO_HASH_SETUP, &operation, alg);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA hash setup failed\n", 0);
- return VAL_STATUS_INVALID;
- }
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
/* Add a message fragment to a multipart hash operation */
- status = val->crypto_function(VAL_CRYPTO_HASH_UPDATE, &operation,
- &input, input_length);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA hash update failed\n", 0);
- return VAL_STATUS_INVALID;
- }
+ status = val->crypto_function(VAL_CRYPTO_HASH_UPDATE, &operation, &input, input_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
/* Abort a hash operation */
status = val->crypto_function(VAL_CRYPTO_HASH_ABORT, &operation);
- if (status != PSA_SUCCESS)
- {
- val->print(PRINT_ERROR, "\tPSA hash abort failed\n", 0);
- return VAL_STATUS_INVALID;
- }
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
/* Finish the calculation of the hash of a message */
status = val->crypto_function(VAL_CRYPTO_HASH_FINISH, &operation, hash, hash_size,
- &hash_length);
- if (status != PSA_ERROR_INVALID_ARGUMENT)
- {
- val->print(PRINT_ERROR, "\tPSA hash finish should have failed\n", 0);
- return VAL_STATUS_INVALID;
- }
+ &hash_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_ARGUMENT, TEST_CHECKPOINT_NUM(6));
return VAL_STATUS_SUCCESS;
}
diff --git a/api-tests/dev_apis/crypto/test_c015/test_c015.h b/api-tests/dev_apis/crypto/test_c015/test_c015.h
index 32f7a1e..bf435c2 100644
--- a/api-tests/dev_apis/crypto/test_c015/test_c015.h
+++ b/api-tests/dev_apis/crypto/test_c015/test_c015.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,7 +18,6 @@
#define _TEST_C015_CLIENT_TESTS_H_
#include "val_crypto.h"
-
#define test_entry CONCAT(test_entry_,c015)
#define val CONCAT(val,test_entry)
#define psa CONCAT(psa,test_entry)
diff --git a/api-tests/dev_apis/crypto/test_c015/test_data.h b/api-tests/dev_apis/crypto/test_c015/test_data.h
index d06bf4a..7763393 100644
--- a/api-tests/dev_apis/crypto/test_c015/test_data.h
+++ b/api-tests/dev_apis/crypto/test_c015/test_data.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -23,7 +23,7 @@
psa_status_t expected_status;
} test_data;
-test_data check1[] = {
+static test_data check1[] = {
{"Test psa_hash_abort with MD2 algorithm\n",
PSA_ALG_MD2, PSA_SUCCESS,
},
diff --git a/api-tests/dev_apis/crypto/test_c016/source.mk b/api-tests/dev_apis/crypto/test_c016/source.mk
new file mode 100644
index 0000000..320e43b
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c016/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c016.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c016/test_c016.c b/api-tests/dev_apis/crypto/test_c016/test_c016.c
new file mode 100644
index 0000000..ece4b2b
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c016/test_c016.c
@@ -0,0 +1,179 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c016.h"
+#include "test_data.h"
+#include "val_crypto.h"
+
+client_test_t test_c016_crypto_list[] = {
+ NULL,
+ psa_generate_key_test,
+ psa_generate_key_negative_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+static uint8_t data[BUFFER_SIZE];
+
+int32_t psa_generate_key_test(security_t caller)
+{
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ uint32_t i, length;
+ psa_key_policy_t policy;
+ psa_key_type_t key_type;
+ size_t bits;
+ int32_t status;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ if (check1[i].expected_status == PSA_SUCCESS)
+ {
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type,
+ check1[i].bits, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle, &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+ }
+
+ /* Generate a key or key pair */
+ status = val->crypto_function(VAL_CRYPTO_GENERATE_KEY, check1[i].key_handle,
+ check1[i].key_type, check1[i].bits, check1[i].extra, check1[i].extra_size);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(5));
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ continue;
+
+ /* Get basic metadata about a key */
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check1[i].key_handle,
+ &key_type, &bits);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ TEST_ASSERT_EQUAL(key_type, check1[i].key_type, TEST_CHECKPOINT_NUM(7));
+
+ TEST_ASSERT_EQUAL(bits, check1[i].expected_bit_length, TEST_CHECKPOINT_NUM(8));
+
+ /* Export a key in binary format */
+ status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, check1[i].key_handle, data,
+ BUFFER_SIZE, &length);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(9));
+
+ TEST_ASSERT_EQUAL(length, check1[i].expected_key_length, TEST_CHECKPOINT_NUM(10));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_generate_key_negative_test(security_t caller)
+{
+ int num_checks = sizeof(check2)/sizeof(check2[0]);
+ uint32_t i;
+ psa_key_policy_t policy;
+ int32_t status;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_generate_key with unallocated key handle\n",
+ g_test_count++);
+ /* Generate a key or key pair */
+ status = val->crypto_function(VAL_CRYPTO_GENERATE_KEY, check2[i].key_handle,
+ check2[i].key_type, check2[i].bits, check2[i].extra, check2[i].extra_size);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_generate_key with zero as key handle\n",
+ g_test_count++);
+ /* Generate a key or key pair */
+ status = val->crypto_function(VAL_CRYPTO_GENERATE_KEY, 0, check2[i].key_type,
+ check2[i].bits, check2[i].extra, check2[i].extra_size);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_generate_key with pre-occupied key handle\n",
+ g_test_count++);
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
+ check2[i].key_alg);
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check2[i].key_type,
+ check2[i].bits, &check2[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle, &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ /* Generate a key or key pair */
+ status = val->crypto_function(VAL_CRYPTO_GENERATE_KEY, check2[i].key_handle,
+ check2[i].key_type, check2[i].bits, check2[i].extra, check2[i].extra_size);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+
+ /* Generate a key or key pair */
+ status = val->crypto_function(VAL_CRYPTO_GENERATE_KEY, check2[i].key_handle,
+ check2[i].key_type, check2[i].bits, check2[i].extra, check2[i].extra_size);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_OCCUPIED_SLOT, TEST_CHECKPOINT_NUM(8));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_generate_key with destroyed key handle\n",
+ g_test_count++);
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check2[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+
+ /* Generate a key or key pair */
+ status = val->crypto_function(VAL_CRYPTO_GENERATE_KEY, check2[i].key_handle,
+ check2[i].key_type, check2[i].bits, check2[i].extra, check2[i].extra_size);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(10));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
diff --git a/api-tests/dev_apis/crypto/test_c016/test_c016.h b/api-tests/dev_apis/crypto/test_c016/test_c016.h
new file mode 100644
index 0000000..7697b91
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c016/test_c016.h
@@ -0,0 +1,31 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C016_CLIENT_TESTS_H_
+#define _TEST_C016_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_,c016)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c016_crypto_list[];
+
+int32_t psa_generate_key_test(security_t caller);
+int32_t psa_generate_key_negative_test(security_t caller);
+#endif /* _TEST_C016_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c016/test_data.h b/api-tests/dev_apis/crypto/test_c016/test_data.h
new file mode 100644
index 0000000..f02cd23
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c016/test_data.h
@@ -0,0 +1,117 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ size_t bits;
+ void *extra;
+ size_t extra_size;
+ uint32_t expected_bit_length;
+ uint32_t expected_key_length;
+ psa_status_t expected_status;
+} test_data;
+
+#ifdef FUTURE_SUPPORT
+static uint32_t rsa_extra = 3;
+#endif
+
+static test_data check1[] = {
+{"Test psa_generate_key 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
+ PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), NULL, 0,
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_generate_key 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
+ PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+ BYTES_TO_BITS(AES_24B_KEY_SIZE), NULL, 0,
+ BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_generate_key 32 Byte AES\n", 3, PSA_KEY_TYPE_AES,
+ PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+ BYTES_TO_BITS(AES_32B_KEY_SIZE), NULL, 0,
+ BYTES_TO_BITS(AES_32B_KEY_SIZE), AES_32B_KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_generate_key with DES 64 bit key\n", 4, PSA_KEY_TYPE_DES,
+ PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+ BYTES_TO_BITS(DES_8B_KEY_SIZE), NULL, 0,
+ BYTES_TO_BITS(DES_8B_KEY_SIZE), DES_8B_KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_generate_key with Triple DES 2-Key\n", 5, PSA_KEY_TYPE_DES,
+ PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+ BYTES_TO_BITS(DES3_2KEY_SIZE), NULL, 0,
+ BYTES_TO_BITS(DES3_2KEY_SIZE), DES3_2KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_generate_key with Triple DES 3-Key\n", 6, PSA_KEY_TYPE_DES,
+ PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+ BYTES_TO_BITS(DES3_3KEY_SIZE), NULL, 0,
+ BYTES_TO_BITS(DES3_3KEY_SIZE), DES3_3KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_generate_key with Null extra and Non-Zero extra size\n", 7, PSA_KEY_TYPE_AES,
+ PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+ BYTES_TO_BITS(AES_32B_KEY_SIZE), NULL, sizeof(uint32_t),
+ 0, 0, PSA_ERROR_INVALID_ARGUMENT
+},
+
+#ifdef FUTURE_SUPPORT
+{"Test psa_generate_key with RSA 2048 Keypair\n", 8, PSA_KEY_TYPE_RSA_KEYPAIR,
+ PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ 1024, NULL, 0,
+ 1024, 1193, PSA_SUCCESS
+},
+#endif
+
+{"Test psa_generate_key with ECC KeyPair\n", 9,
+ PSA_KEY_TYPE_ECC_KEYPAIR_BASE | PSA_ECC_CURVE_SECP192R1,
+ PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ 192, NULL, 0,
+ 192, 98, PSA_SUCCESS
+},
+
+#ifdef FUTURE_SUPPORT
+{"Test psa_generate_key with Non-Null extra for 32 Byte AES key\n", 10, PSA_KEY_TYPE_AES,
+ PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+ BYTES_TO_BITS(AES_32B_KEY_SIZE), &rsa_extra, sizeof(uint32_t),
+ 0, 0, PSA_ERROR_INVALID_ARGUMENT
+},
+#endif
+
+{"Test psa_generate_key with RSA 1024 Public key\n", 11, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+ PSA_KEY_USAGE_EXPORT | PSA_KEY_USAGE_SIGN | PSA_KEY_USAGE_VERIFY, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ 1024, NULL, 0,
+ 1024, 1193, PSA_ERROR_NOT_SUPPORTED
+},
+};
+
+static test_data check2[] = {
+{"Test psa_generate_key negative cases\n", 12, PSA_KEY_TYPE_AES,
+ PSA_KEY_USAGE_EXPORT, PSA_ALG_CTR,
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), NULL, 0,
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
+},
+};
diff --git a/api-tests/dev_apis/crypto/test_c016/test_entry.c b/api-tests/dev_apis/crypto/test_c016/test_entry.c
new file mode 100644
index 0000000..3957dd6
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c016/test_entry.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c016.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 16)
+#define TEST_DESC "Testing crypto generator functions APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c016_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c017/source.mk b/api-tests/dev_apis/crypto/test_c017/source.mk
new file mode 100644
index 0000000..fbb15fd
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c017/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c017.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c017/test_c017.c b/api-tests/dev_apis/crypto/test_c017/test_c017.c
new file mode 100644
index 0000000..10387b8
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c017/test_c017.c
@@ -0,0 +1,74 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c017.h"
+#include "test_data.h"
+#include "val_crypto.h"
+
+client_test_t test_c017_crypto_list[] = {
+ NULL,
+ psa_generate_random_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+
+int32_t psa_generate_random_test(security_t caller)
+{
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ uint32_t i, j, data_sum;
+ uint8_t data[BUFFER_SIZE] = {0};
+ int32_t status;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Generate random bytes */
+ status = val->crypto_function(VAL_CRYPTO_GENERATE_RANDOM, data, check1[i].size);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(3));
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ continue;
+
+ data_sum = 0;
+ /* Check that if generated data are zero */
+ for (j = 0; j < check1[i].size; j++)
+ {
+ data_sum += data[j];
+ data[j] = 0;
+ }
+
+ if (check1[i].size != 0)
+ TEST_ASSERT_NOT_EQUAL(data_sum, 0, TEST_CHECKPOINT_NUM(4));
+ else
+ TEST_ASSERT_EQUAL(data_sum, 0, TEST_CHECKPOINT_NUM(5));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c017/test_c017.h b/api-tests/dev_apis/crypto/test_c017/test_c017.h
new file mode 100644
index 0000000..ee8c4ef
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c017/test_c017.h
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C017_CLIENT_TESTS_H_
+#define _TEST_C017_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_,c017)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c017_crypto_list[];
+
+int32_t psa_generate_random_test(security_t caller);
+#endif /* _TEST_C017_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c017/test_data.h b/api-tests/dev_apis/crypto/test_c017/test_data.h
new file mode 100644
index 0000000..4e0c46c
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c017/test_data.h
@@ -0,0 +1,56 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ size_t size;
+ psa_status_t expected_status;
+} test_data;
+
+static test_data check1[] = {
+{"Test psa_generate_random to get 0 Byte data\n", 0, PSA_SUCCESS
+},
+
+{"Test psa_generate_random to get 16 Byte data\n", 16, PSA_SUCCESS
+},
+
+{"Test psa_generate_random to get 24 Byte data\n", 24, PSA_SUCCESS
+},
+
+{"Test psa_generate_random to get 32 Byte data\n", 32, PSA_SUCCESS
+},
+
+{"Test psa_generate_random to get 64 Byte data\n", 64, PSA_SUCCESS
+},
+
+{"Test psa_generate_random to get 128 Byte data\n", 128, PSA_SUCCESS
+},
+
+{"Test psa_generate_random to get 256 Byte data\n", 256, PSA_SUCCESS
+},
+
+{"Test psa_generate_random to get 512 Byte data\n", 512, PSA_SUCCESS
+},
+
+{"Test psa_generate_random to get 1000 Byte data\n", 100, PSA_SUCCESS
+},
+
+{"Test psa_generate_random to get 1024 Byte data\n", 1024, PSA_SUCCESS
+},
+};
diff --git a/api-tests/dev_apis/crypto/test_c017/test_entry.c b/api-tests/dev_apis/crypto/test_c017/test_entry.c
new file mode 100644
index 0000000..500d2ec
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c017/test_entry.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c017.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 17)
+#define TEST_DESC "Testing crypto generator functions APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c017_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c018/source.mk b/api-tests/dev_apis/crypto/test_c018/source.mk
new file mode 100644
index 0000000..e78ff20
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c018/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c018.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c018/test_c018.c b/api-tests/dev_apis/crypto/test_c018/test_c018.c
new file mode 100644
index 0000000..4e77082
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c018/test_c018.c
@@ -0,0 +1,147 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c018.h"
+#include "test_data.h"
+#include "val_crypto.h"
+
+client_test_t test_c018_crypto_list[] = {
+ NULL,
+ psa_generator_read_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+static uint8_t data[BUFFER_SIZE_HIGH];
+
+int32_t psa_generator_read_test(security_t caller)
+{
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ uint32_t i, j, data_sum, remaining_size;
+ psa_key_policy_t policy;
+ psa_crypto_generator_t generator, invalid_generator;
+ int32_t status;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ memset(&generator, 0, sizeof(generator));
+ memset(&invalid_generator, 0xDEADEAD, sizeof(invalid_generator));
+ memset(data, 0, sizeof(data));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle, &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
+ check1[i].key_type, check1[i].key_data, check1[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Set up a key derivation operation. Using this function to initialize the generate as
+ * XOR or PRNG generator initialization is not implemented.
+ */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION, &generator, check1[i].key_handle,
+ check1[i].key_alg, &check1[i].salt, check1[i].salt_length, &check1[i].label,
+ check1[i].label_length, check1[i].capacity);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ /* Read some data from a generator */
+ status = val->crypto_function(VAL_CRYPTO_GENERATOR_READ, &generator, data,
+ check1[i].size);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(7));
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ {
+ /* Abort a generator */
+ status = val->crypto_function(VAL_CRYPTO_GENERATOR_ABORT, &generator);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+ continue;
+ }
+
+ data_sum = 0;
+ /* Check that if generated data are zero */
+ for (j = 0; j < check1[i].size; j++)
+ {
+ data_sum += data[j];
+ }
+
+ memset(data, 0, sizeof(data));
+ TEST_ASSERT_NOT_EQUAL(data_sum, 0, TEST_CHECKPOINT_NUM(9));
+
+ remaining_size = check1[i].capacity - check1[i].size;
+ if (remaining_size > 0)
+ {
+ /* Read some data from a generator */
+ status = val->crypto_function(VAL_CRYPTO_GENERATOR_READ, &generator,
+ data, remaining_size);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
+
+ data_sum = 0;
+ /* Check that if generated data are zero */
+ for (j = 0; j < remaining_size; j++)
+ {
+ data_sum += data[j];
+ }
+
+ memset(data, 0, sizeof(data));
+ TEST_ASSERT_NOT_EQUAL(data_sum, 0, TEST_CHECKPOINT_NUM(11));
+
+ /* Read some data from a generator */
+ status = val->crypto_function(VAL_CRYPTO_GENERATOR_READ, &generator,
+ data, check1[i].size);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INSUFFICIENT_CAPACITY, TEST_CHECKPOINT_NUM(12));
+ }
+
+ /* Read data using invalid generator handle */
+ status = val->crypto_function(VAL_CRYPTO_GENERATOR_READ, &invalid_generator,
+ data, 1);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(13));
+
+ /* Abort a generator */
+ status = val->crypto_function(VAL_CRYPTO_GENERATOR_ABORT, &generator);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(14));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c018/test_c018.h b/api-tests/dev_apis/crypto/test_c018/test_c018.h
new file mode 100644
index 0000000..34f72c8
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c018/test_c018.h
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C018_CLIENT_TESTS_H_
+#define _TEST_C018_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_,c018)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c018_crypto_list[];
+
+int32_t psa_generator_read_test(security_t caller);
+#endif /* _TEST_C018_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c018/test_data.h b/api-tests/dev_apis/crypto/test_c018/test_data.h
new file mode 100644
index 0000000..34243a0
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c018/test_data.h
@@ -0,0 +1,90 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[32];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ uint8_t salt[16];
+ size_t salt_length;
+ uint8_t label[16];
+ size_t label_length;
+ size_t capacity;
+ size_t size;
+ psa_status_t expected_status;
+} test_data;
+
+static test_data check1[] = {
+/* Covers the following cases
+ * - 16 Byte key
+ * - SHA 256
+ * - Output size less than generator capacity
+ */
+{"Test psa_generator_read to get 16 Byte data with SHA-256\n", 1, PSA_KEY_TYPE_DERIVE,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+ {0}, 0, {0}, 0, 32,
+ 16, PSA_SUCCESS
+},
+
+/* Covers the following cases
+ * - 32 Byte key
+ * - SHA 512
+ * - Output size equal to generator capacity
+ */
+{"Test psa_generator_read to get 32 Byte data with SHA-512\n", 2, PSA_KEY_TYPE_DERIVE,
+{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
+ 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
+ 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
+ AES_32B_KEY_SIZE, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_512),
+ {0}, 0, {0}, 0, 64,
+ 64, PSA_SUCCESS
+},
+
+/* Covers the following cases
+ * - 8 Byte Key
+ * - SHA 1
+ * - Output size greater than the generator capacity
+ */
+{"Test psa_generator_read to get 8 Byte data with SHA-1\n", 3, PSA_KEY_TYPE_DERIVE,
+{0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
+ DES_8B_KEY_SIZE, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_1),
+ {0}, 0, {0}, 0, 64,
+ 70, PSA_ERROR_INSUFFICIENT_CAPACITY
+},
+
+{"Test psa_generator_read to request maximum capacity\n", 4, PSA_KEY_TYPE_DERIVE,
+{0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
+ DES_8B_KEY_SIZE, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_1),
+ {0}, 0, {0}, 0, (255 * 20),
+ (255 * 20), PSA_SUCCESS
+},
+
+{"Test psa_generator_read to request maximum capacity +1\n", 5, PSA_KEY_TYPE_DERIVE,
+{0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
+ DES_8B_KEY_SIZE, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_1),
+ {0}, 0, {0}, 0, (255 * 20),
+ ((255 * 20) + 1), PSA_ERROR_INSUFFICIENT_CAPACITY
+},
+};
diff --git a/api-tests/dev_apis/crypto/test_c018/test_entry.c b/api-tests/dev_apis/crypto/test_c018/test_entry.c
new file mode 100644
index 0000000..4ae7f2d
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c018/test_entry.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c018.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 18)
+#define TEST_DESC "Testing crypto generator functions APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c018_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c019/source.mk b/api-tests/dev_apis/crypto/test_c019/source.mk
new file mode 100644
index 0000000..0557275
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c019/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c019.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c019/test_c019.c b/api-tests/dev_apis/crypto/test_c019/test_c019.c
new file mode 100644
index 0000000..bfeadc6
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c019/test_c019.c
@@ -0,0 +1,122 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c019.h"
+#include "test_data.h"
+#include "val_crypto.h"
+
+client_test_t test_c019_crypto_list[] = {
+ NULL,
+ psa_get_generator_capacity_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+static uint8_t data[BUFFER_SIZE];
+
+int32_t psa_get_generator_capacity_test(security_t caller)
+{
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ uint32_t i, remaining_size;
+ size_t capacity;
+ psa_key_policy_t policy;
+ psa_crypto_generator_t generator;
+ int32_t status;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ memset(&generator, 0, sizeof(generator));
+ memset(data, 0, sizeof(data));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle, &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
+ check1[i].key_type, check1[i].key_data, check1[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Set up a key derivation operation. Using this function to initialize the generate as
+ * XOR or PRNG generator initialization is not implemented.
+ */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION, &generator, check1[i].key_handle,
+ check1[i].key_alg, check1[i].salt, check1[i].salt_length, check1[i].label,
+ check1[i].label_length, check1[i].capacity);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ /* Retrieve the current capacity of a generator */
+ status = val->crypto_function(VAL_CRYPTO_GET_GENERATOR_CAPACITY, &generator, &capacity);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(7));
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ {
+ /* Abort a generator */
+ status = val->crypto_function(VAL_CRYPTO_GENERATOR_ABORT, &generator);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+ continue;
+ }
+
+ TEST_ASSERT_EQUAL(capacity, check1[i].capacity, TEST_CHECKPOINT_NUM(9));
+
+ /* Generate random bytes */
+ status = val->crypto_function(VAL_CRYPTO_GENERATOR_READ, &generator, data,
+ check1[i].size);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
+
+ remaining_size = check1[i].capacity - check1[i].size;
+
+ /* Retrieve the current capacity of a generator */
+ status = val->crypto_function(VAL_CRYPTO_GET_GENERATOR_CAPACITY, &generator, &capacity);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
+
+ TEST_ASSERT_EQUAL(capacity, remaining_size, TEST_CHECKPOINT_NUM(12));
+
+ /* Abort a generator */
+ status = val->crypto_function(VAL_CRYPTO_GENERATOR_ABORT, &generator);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(13));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c019/test_c019.h b/api-tests/dev_apis/crypto/test_c019/test_c019.h
new file mode 100644
index 0000000..da29369
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c019/test_c019.h
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C019_CLIENT_TESTS_H_
+#define _TEST_C019_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_,c019)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c019_crypto_list[];
+
+int32_t psa_get_generator_capacity_test(security_t caller);
+#endif /* _TEST_C019_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c019/test_data.h b/api-tests/dev_apis/crypto/test_c019/test_data.h
new file mode 100644
index 0000000..a9bcc1f
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c019/test_data.h
@@ -0,0 +1,64 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[32];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ uint8_t salt[16];
+ size_t salt_length;
+ uint8_t label[16];
+ size_t label_length;
+ size_t capacity;
+ size_t size;
+ psa_status_t expected_status;
+} test_data;
+
+static test_data check1[] = {
+/* Covers the following cases
+ * - 16 Byte key
+ * - SHA 256
+ * - Output size less than generator capacity
+ */
+{"Test psa_generator_get_capacity to get 16 Byte data with SHA-256\n", 1, PSA_KEY_TYPE_DERIVE,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+ {0}, 0, {0}, 0, 32,
+ 16, PSA_SUCCESS
+},
+
+/* Covers the following cases
+ * - 32 Byte key
+ * - SHA 512
+ * - Output size equal to generator capacity
+ */
+{"Test psa_generator_get_capacity to get 32 Byte data with SHA-512\n", 2, PSA_KEY_TYPE_DERIVE,
+{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
+ 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
+ 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
+ AES_32B_KEY_SIZE, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_512),
+ {0}, 0, {0}, 0, 64,
+ 64, PSA_SUCCESS
+},
+};
diff --git a/api-tests/dev_apis/crypto/test_c019/test_entry.c b/api-tests/dev_apis/crypto/test_c019/test_entry.c
new file mode 100644
index 0000000..b1c5b15
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c019/test_entry.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c019.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 19)
+#define TEST_DESC "Testing crypto generator functions APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c019_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c020/source.mk b/api-tests/dev_apis/crypto/test_c020/source.mk
new file mode 100644
index 0000000..96665a2
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c020/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c020.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c020/test_c020.c b/api-tests/dev_apis/crypto/test_c020/test_c020.c
new file mode 100644
index 0000000..7ea9f34
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c020/test_c020.c
@@ -0,0 +1,307 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c020.h"
+#include "test_data.h"
+#include "val_crypto.h"
+
+#define SLOT_1 0
+#define SLOT_2 1
+#define SLOT_3 2
+#define SLOT_4 3
+
+client_test_t test_c020_crypto_list[] = {
+ NULL,
+ psa_generator_import_key_test,
+ psa_generator_import_key_negative_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+static uint8_t data[BUFFER_SIZE];
+static psa_crypto_generator_t generator;
+
+int32_t psa_generator_import_key_test(security_t caller)
+{
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ uint32_t i, j, data_sum, remaining_size, length = 0;
+ uint32_t salt = 0, label = 0;
+ size_t salt_length = 0, label_length = 0;
+ psa_key_policy_t policy;
+ int32_t status;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ memset(&generator, 0, sizeof(generator));
+ memset(data, 0, sizeof(data));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage[SLOT_1],
+ check1[i].key_alg[SLOT_1]);
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type[SLOT_1],
+ check1[i].key_length, &check1[i].key_handle[SLOT_1]);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle[SLOT_1],
+ &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle[SLOT_1],
+ check1[i].key_type[SLOT_1], check1[i].key_data, check1[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Set up a key derivation operation. Using this function to initialize the generate as
+ * XOR or PRNG generator initialization is not implemented.
+ */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION, &generator,
+ check1[i].key_handle[SLOT_1], check1[i].key_alg[SLOT_1], &salt, salt_length,
+ &label, label_length, check1[i].capacity);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage[SLOT_2],
+ check1[i].key_alg[SLOT_2]);
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type[SLOT_2],
+ check1[i].key_length, &check1[i].key_handle[SLOT_2]);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle[SLOT_2],
+ &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ /* Create a symmetric key from data read from a generator */
+ status = val->crypto_function(VAL_CRYPTO_GENERATOR_IMPORT_KEY, check1[i].key_handle[SLOT_2],
+ check1[i].key_type[SLOT_2], BYTES_TO_BITS(check1[i].size), &generator);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(7));
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ {
+ /* Abort a generator */
+ status = val->crypto_function(VAL_CRYPTO_GENERATOR_ABORT, &generator);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+ continue;
+ }
+
+ /* Export a key in binary format */
+ status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, check1[i].key_handle[SLOT_2], data,
+ BUFFER_SIZE, &length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+
+ TEST_ASSERT_EQUAL(length, check1[i].size, TEST_CHECKPOINT_NUM(10));
+
+ data_sum = 0;
+ /* Check that if generated data are zero */
+ for (j = 0; j < check1[i].size; j++)
+ {
+ data_sum += data[j];
+ }
+
+ memset(data, 0, sizeof(data));
+ TEST_ASSERT_NOT_EQUAL(data_sum, 0, TEST_CHECKPOINT_NUM(12));
+
+ remaining_size = check1[i].capacity - check1[i].size;
+ if (remaining_size > 0)
+ {
+ length = 0;
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage[SLOT_2],
+ check1[i].key_alg[SLOT_2]);
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type[SLOT_2],
+ check1[i].key_length, &check1[i].key_handle[SLOT_3]);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle[SLOT_3],
+ &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(12));
+
+ /* Create a symmetric key from data read from a generator */
+ status = val->crypto_function(VAL_CRYPTO_GENERATOR_IMPORT_KEY,
+ check1[i].key_handle[SLOT_3], check1[i].key_type[SLOT_2],
+ BYTES_TO_BITS(check1[i].size), &generator);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(13));
+
+ /* Export a key in binary format */
+ status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, check1[i].key_handle[SLOT_3], data,
+ BUFFER_SIZE, &length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(14));
+
+ TEST_ASSERT_EQUAL(length, remaining_size, TEST_CHECKPOINT_NUM(15));
+
+ data_sum = 0;
+ /* Check that if generated data are zero */
+ for (j = 0; j < remaining_size; j++)
+ {
+ data_sum += data[j];
+ }
+
+ memset(data, 0, sizeof(data));
+ TEST_ASSERT_NOT_EQUAL(data_sum, 0, TEST_CHECKPOINT_NUM(16));
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage[SLOT_2],
+ check1[i].key_alg[SLOT_2]);
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type[SLOT_2],
+ check1[i].key_length, &check1[i].key_handle[SLOT_4]);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle[SLOT_4],
+ &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(17));
+
+ /* Create a symmetric key from data read from a generator */
+ status = val->crypto_function(VAL_CRYPTO_GENERATOR_IMPORT_KEY,
+ check1[i].key_handle[SLOT_4], check1[i].key_type[SLOT_2],
+ BYTES_TO_BITS(check1[i].size), &generator);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INSUFFICIENT_CAPACITY, TEST_CHECKPOINT_NUM(18));
+ }
+
+ /* Abort a generator */
+ status = val->crypto_function(VAL_CRYPTO_GENERATOR_ABORT, &generator);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(19));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_generator_import_key_negative_test(security_t caller)
+{
+ int num_checks = sizeof(check2)/sizeof(check2[0]);
+ int32_t i, status;
+ uint32_t salt = 0, label = 0;
+ size_t salt_length = 0, label_length = 0;
+ uint8_t data[BUFFER_SIZE];
+ psa_key_policy_t policy;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ memset(&generator, 0, sizeof(generator));
+ memset(data, 0, sizeof(data));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage[SLOT_1],
+ check2[i].key_alg[SLOT_1]);
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check2[i].key_type[SLOT_1],
+ check2[i].key_length, &check2[i].key_handle[SLOT_1]);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle[SLOT_1],
+ &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check2[i].key_handle[SLOT_1],
+ check2[i].key_type[SLOT_1], check2[i].key_data, check2[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Set up a key derivation operation. Using this function to initialize the generate as
+ * XOR or PRNG generator initialization is not implemented.
+ */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION, &generator,
+ check2[i].key_handle[SLOT_1], check2[i].key_alg[SLOT_1], &salt, salt_length,
+ &label, label_length, check2[i].capacity);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_generator_import_key with invalid handle\n",
+ g_test_count++);
+ /* Create a symmetric key from data read from a generator */
+ status = val->crypto_function(VAL_CRYPTO_GENERATOR_IMPORT_KEY, check2[i].key_handle[SLOT_2],
+ check2[i].key_type[SLOT_2], check2[i].size, &generator);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(7));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_generator_import_key with zero handle\n",
+ g_test_count++);
+ /* Create a symmetric key from data read from a generator */
+ status = val->crypto_function(VAL_CRYPTO_GENERATOR_IMPORT_KEY, ZERO_KEY_SLOT,
+ check2[i].key_type[SLOT_2], check2[i].size, &generator);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(7));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_generator_import_key with"
+ " pre-occupied key slot\n", g_test_count++);
+ /* Create a symmetric key from data read from a generator */
+ status = val->crypto_function(VAL_CRYPTO_GENERATOR_IMPORT_KEY, check2[i].key_handle[SLOT_1],
+ check2[i].key_type[SLOT_2], check2[i].size, &generator);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_OCCUPIED_SLOT, TEST_CHECKPOINT_NUM(9));
+
+ /* Abort a generator */
+ status = val->crypto_function(VAL_CRYPTO_GENERATOR_ABORT, &generator);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c020/test_c020.h b/api-tests/dev_apis/crypto/test_c020/test_c020.h
new file mode 100644
index 0000000..9584bef
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c020/test_c020.h
@@ -0,0 +1,31 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C020_CLIENT_TESTS_H_
+#define _TEST_C020_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_,c020)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c020_crypto_list[];
+
+int32_t psa_generator_import_key_test(security_t caller);
+int32_t psa_generator_import_key_negative_test(security_t caller);
+#endif /* _TEST_C020_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c020/test_data.h b/api-tests/dev_apis/crypto/test_c020/test_data.h
new file mode 100644
index 0000000..1689a08
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c020/test_data.h
@@ -0,0 +1,90 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle[4];
+ psa_key_type_t key_type[2];
+ uint8_t key_data[32];
+ uint32_t key_length;
+ psa_key_usage_t usage[2];
+ psa_algorithm_t key_alg[2];
+ size_t capacity;
+ size_t size;
+ psa_status_t expected_status;
+} test_data;
+
+static test_data check1[] = {
+{"Test psa_generator_import_key for 16 Byte AES Key\n", {1, 2, 3, 4},
+{PSA_KEY_TYPE_DERIVE, PSA_KEY_TYPE_AES},
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, {PSA_KEY_USAGE_DERIVE, PSA_KEY_USAGE_EXPORT},
+ {PSA_ALG_HKDF(PSA_ALG_SHA_256), PSA_ALG_CTR},
+ 32, 16, PSA_SUCCESS
+},
+
+{"Test psa_generator_import_key for Triple DES 3-Key\n", {5, 6, 7, 8},
+{PSA_KEY_TYPE_DERIVE, PSA_KEY_TYPE_DES},
+{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
+ 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
+ 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
+ AES_32B_KEY_SIZE, {PSA_KEY_USAGE_DERIVE, PSA_KEY_USAGE_EXPORT},
+{PSA_ALG_HKDF(PSA_ALG_SHA_512), PSA_ALG_CTR},
+ DES3_3KEY_SIZE, DES3_3KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_generator_import_key output greater than capacity\n", {9, 10, 11, 12},
+{PSA_KEY_TYPE_DERIVE, PSA_KEY_TYPE_AES},
+{0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
+ DES_8B_KEY_SIZE, {PSA_KEY_USAGE_DERIVE, PSA_KEY_USAGE_EXPORT},
+{PSA_ALG_HKDF(PSA_ALG_SHA_1), PSA_ALG_CTR},
+ 64, 80, PSA_ERROR_INSUFFICIENT_CAPACITY
+},
+
+{"Test psa_generator_import_key for RSA Public Key - Invalid type\n", {13, 14, 15, 16},
+{PSA_KEY_TYPE_DERIVE, PSA_KEY_TYPE_RSA_PUBLIC_KEY},
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, {PSA_KEY_USAGE_DERIVE, PSA_KEY_USAGE_EXPORT},
+{PSA_ALG_HKDF(PSA_ALG_SHA_256), PSA_ALG_CTR},
+ 32, 16, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_generator_import_key for invalid byte for generation\n", {20, 21, 22, 23},
+{PSA_KEY_TYPE_DERIVE, PSA_KEY_TYPE_AES},
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, {PSA_KEY_USAGE_DERIVE, PSA_KEY_USAGE_EXPORT},
+{PSA_ALG_HKDF(PSA_ALG_SHA_256), PSA_ALG_CTR},
+ 32, 10, PSA_ERROR_INVALID_ARGUMENT
+},
+};
+
+static test_data check2[] = {
+{"Test psa_generator_import_key negative cases\n",
+{17, 18, 18, 18},
+{PSA_KEY_TYPE_DERIVE, PSA_KEY_TYPE_AES},
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, {PSA_KEY_USAGE_DERIVE, PSA_KEY_USAGE_EXPORT},
+{PSA_ALG_HKDF(PSA_ALG_SHA_256), PSA_ALG_CTR},
+ 32, BYTES_TO_BITS(8), PSA_ERROR_INVALID_HANDLE
+},
+};
diff --git a/api-tests/dev_apis/crypto/test_c020/test_entry.c b/api-tests/dev_apis/crypto/test_c020/test_entry.c
new file mode 100644
index 0000000..c109392
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c020/test_entry.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c020.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 20)
+#define TEST_DESC "Testing crypto generator functions APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c020_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c021/source.mk b/api-tests/dev_apis/crypto/test_c021/source.mk
new file mode 100644
index 0000000..39736c8
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c021/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c021.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c021/test_c021.c b/api-tests/dev_apis/crypto/test_c021/test_c021.c
new file mode 100644
index 0000000..9dc7a72
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c021/test_c021.c
@@ -0,0 +1,112 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c021.h"
+#include "test_data.h"
+#include "val_crypto.h"
+
+client_test_t test_c021_crypto_list[] = {
+ NULL,
+ psa_generator_abort_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+static uint8_t data[BUFFER_SIZE];
+
+int32_t psa_generator_abort_test(security_t caller)
+{
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
+ psa_key_policy_t policy;
+ psa_crypto_generator_t generator;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ memset(&generator, 0, sizeof(generator));
+ memset(data, 0, sizeof(data));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_generator_abort on empty generator\n",
+ g_test_count++);
+ /* Abort an empty generator */
+ status = val->crypto_function(VAL_CRYPTO_GENERATOR_ABORT, &generator);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle, &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
+ check1[i].key_type, check1[i].key_data, check1[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Set up a key derivation operation. Using this function to initialize the generate as
+ * XOR or PRNG generator initialization is not implemented.
+ */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION, &generator, check1[i].key_handle,
+ check1[i].key_alg, check1[i].salt, check1[i].salt_length, check1[i].label,
+ check1[i].label_length, check1[i].capacity);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ /* Abort the generator */
+ status = val->crypto_function(VAL_CRYPTO_GENERATOR_ABORT, &generator);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+
+ /* Generate random bytes */
+ status = val->crypto_function(VAL_CRYPTO_GENERATOR_READ, &generator, data, check1[i].size);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(8));
+
+ val->print(PRINT_TEST, "[Check %d] Multiple psa_generator_abort test\n", g_test_count++);
+ /* Abort the generator */
+ status = val->crypto_function(VAL_CRYPTO_GENERATOR_ABORT, &generator);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+
+ /* Abort the generator */
+ status = val->crypto_function(VAL_CRYPTO_GENERATOR_ABORT, &generator);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c021/test_c021.h b/api-tests/dev_apis/crypto/test_c021/test_c021.h
new file mode 100644
index 0000000..77b0783
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c021/test_c021.h
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C021_CLIENT_TESTS_H_
+#define _TEST_C021_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_,c021)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c021_crypto_list[];
+
+int32_t psa_generator_abort_test(security_t caller);
+#endif /* _TEST_C021_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c021/test_data.h b/api-tests/dev_apis/crypto/test_c021/test_data.h
new file mode 100644
index 0000000..1f6444b
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c021/test_data.h
@@ -0,0 +1,45 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[32];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ uint8_t salt[16];
+ size_t salt_length;
+ uint8_t label[16];
+ size_t label_length;
+ size_t capacity;
+ size_t size;
+ psa_status_t expected_status;
+} test_data;
+
+static test_data check1[] = {
+{"Test psa_generator_abort\n", 1, PSA_KEY_TYPE_DERIVE,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+ {0}, 0, {0}, 0, 32,
+ 16, PSA_SUCCESS
+},
+};
diff --git a/api-tests/dev_apis/crypto/test_c021/test_entry.c b/api-tests/dev_apis/crypto/test_c021/test_entry.c
new file mode 100644
index 0000000..621cd97
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c021/test_entry.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c021.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 21)
+#define TEST_DESC "Testing crypto generator functions APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c021_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c022/source.mk b/api-tests/dev_apis/crypto/test_c022/source.mk
new file mode 100644
index 0000000..cd40601
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c022/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c022.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c022/test_c022.c b/api-tests/dev_apis/crypto/test_c022/test_c022.c
new file mode 100644
index 0000000..91a97af
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c022/test_c022.c
@@ -0,0 +1,190 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c022.h"
+#include "test_data.h"
+#include "val_crypto.h"
+
+
+client_test_t test_c022_crypto_list[] = {
+ NULL,
+ psa_key_derivation_test,
+ psa_key_derivation_negative_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+static uint8_t data[BUFFER_SIZE];
+
+int32_t psa_key_derivation_test(security_t caller)
+{
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
+ size_t capacity;
+ psa_key_policy_t policy;
+ psa_crypto_generator_t generator;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ memset(&generator, 0, sizeof(generator));
+ memset(data, 0, sizeof(data));
+ capacity = 0;
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle,
+ &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
+ check1[i].key_type, check1[i].key_data, check1[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Set up a key derivation operation. Using this function to initialize the generate as
+ * XOR or PRNG generator initialization is not implemented.
+ */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION, &generator,
+ check1[i].key_handle, check1[i].key_alg, check1[i].salt,
+ check1[i].salt_length, check1[i].label, check1[i].label_length,
+ check1[i].capacity);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(5));
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ {
+ /* Abort the generator */
+ status = val->crypto_function(VAL_CRYPTO_GENERATOR_ABORT, &generator);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+ continue;
+ }
+
+ /* Retrieve the current capacity of a generator */
+ status = val->crypto_function(VAL_CRYPTO_GET_GENERATOR_CAPACITY, &generator, &capacity);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+
+ TEST_ASSERT_EQUAL(capacity, check1[i].capacity, TEST_CHECKPOINT_NUM(8));
+
+ /* Abort the generator */
+ status = val->crypto_function(VAL_CRYPTO_GENERATOR_ABORT, &generator);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_key_derivation_negative_test(security_t caller)
+{
+ int num_checks = sizeof(check2)/sizeof(check2[0]);
+ int32_t i, status;
+ psa_key_policy_t policy;
+ psa_key_handle_t empty_key_handle;
+ psa_crypto_generator_t generator;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ memset(&generator, 0, sizeof(generator));
+ memset(data, 0, sizeof(data));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
+ check2[i].key_alg);
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_key_derivation with invalid key handle\n",
+ g_test_count++);
+ /* Set up a key derivation operation. Using this function to initialize the generate as
+ * XOR or PRNG generator initialization is not implemented.
+ */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION, &generator,
+ check2[i].key_handle, check2[i].key_alg, check2[i].salt,
+ check2[i].salt_length, check2[i].label, check2[i].label_length,
+ check2[i].capacity);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(6));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_key_derivation with zero as key handle\n",
+ g_test_count++);
+ /* Set up a key derivation operation. Using this function to initialize the generate as
+ * XOR or PRNG generator initialization is not implemented.
+ */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION, &generator,
+ 0, check2[i].key_alg, check2[i].salt,
+ check2[i].salt_length, check2[i].label, check2[i].label_length,
+ check2[i].capacity);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(7));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_key_derivation with empty key handle\n",
+ g_test_count++);
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check2[i].key_type,
+ check2[i].key_length, &empty_key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, empty_key_handle,
+ &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+
+ /* Set up a key derivation operation. Using this function to initialize the generate as
+ * XOR or PRNG generator initialization is not implemented.
+ */
+ status = val->crypto_function(VAL_CRYPTO_KEY_DERIVATION, &generator,
+ empty_key_handle, check2[i].key_alg, check2[i].salt,
+ check2[i].salt_length, check2[i].label, check2[i].label_length,
+ check2[i].capacity);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_EMPTY_SLOT, TEST_CHECKPOINT_NUM(10));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c022/test_c022.h b/api-tests/dev_apis/crypto/test_c022/test_c022.h
new file mode 100644
index 0000000..1339ec7
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c022/test_c022.h
@@ -0,0 +1,31 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C022_CLIENT_TESTS_H_
+#define _TEST_C022_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_,c022)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c022_crypto_list[];
+
+int32_t psa_key_derivation_test(security_t caller);
+int32_t psa_key_derivation_negative_test(security_t caller);
+#endif /* _TEST_C022_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c022/test_data.h b/api-tests/dev_apis/crypto/test_c022/test_data.h
new file mode 100644
index 0000000..dd09cda
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c022/test_data.h
@@ -0,0 +1,114 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[32];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ const uint8_t salt[16];
+ size_t salt_length;
+ const uint8_t label[16];
+ size_t label_length;
+ size_t capacity;
+ psa_status_t expected_status;
+} test_data;
+
+static test_data check1[] = {
+{"Test psa_key_derivation to get 16 Byte data with SHA-256\n", 1, PSA_KEY_TYPE_DERIVE,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+ {0}, 0, {0}, 0, 32,
+ PSA_SUCCESS
+},
+
+{"Test psa_key_derivation to get 32 Byte data with SHA-512\n", 2, PSA_KEY_TYPE_DERIVE,
+{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
+ 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
+ 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
+ AES_32B_KEY_SIZE, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_512),
+ {0}, 0, {0}, 0, 64,
+ PSA_SUCCESS
+},
+
+{"Test psa_key_derivation to get 32 Byte data with MD-5\n", 3, PSA_KEY_TYPE_DERIVE,
+{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
+ 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
+ 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
+ AES_32B_KEY_SIZE, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_MD5),
+ {0}, 0, {0}, 0, 64,
+ PSA_SUCCESS
+},
+
+{"Test psa_key_derivation to get 16 Byte data with salt and label\n", 4, PSA_KEY_TYPE_DERIVE,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+ "abcdefghijklmnop", 16, "This is a label", 15, 32,
+ PSA_SUCCESS
+},
+
+{"Test psa_key_derivation with invalid algorithm\n", 5, PSA_KEY_TYPE_DERIVE,
+{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
+ 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
+ 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
+ AES_32B_KEY_SIZE, PSA_KEY_USAGE_DERIVE, PSA_ALG_RSA_PKCS1V15_CRYPT,
+ {0}, 0, {0}, 0, 64,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_key_derivation with too large capacity for alg and key\n", 6, PSA_KEY_TYPE_DERIVE,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_1),
+ {0}, 0, {0}, 0, 5200,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_key_derivation with unsupported key type\n", 11, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+ {0}, 0, {0}, 0, 32,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_key_derivation with incorrect usage\n", 12, PSA_KEY_TYPE_DERIVE,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+ {0}, 0, {0}, 0, 32,
+ PSA_ERROR_NOT_PERMITTED
+},
+};
+
+static test_data check2[] = {
+{"Test psa_key_derivation to get 32 Byte data with SHA-512\n", 13, PSA_KEY_TYPE_DERIVE,
+{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
+ 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
+ 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
+ AES_32B_KEY_SIZE, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_512),
+ {0}, 0, {0}, 0, 64,
+ PSA_SUCCESS
+},
+};
diff --git a/api-tests/dev_apis/crypto/test_c022/test_entry.c b/api-tests/dev_apis/crypto/test_c022/test_entry.c
new file mode 100644
index 0000000..2d7e798
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c022/test_entry.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c022.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 22)
+#define TEST_DESC "Testing crypto generator functions APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c022_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c023/source.mk b/api-tests/dev_apis/crypto/test_c023/source.mk
new file mode 100644
index 0000000..8c97170
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c023/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c023.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c023/test_c023.c b/api-tests/dev_apis/crypto/test_c023/test_c023.c
new file mode 100644
index 0000000..9c786dc
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c023/test_c023.c
@@ -0,0 +1,68 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c023.h"
+#include "test_data.h"
+#include "val_crypto.h"
+
+client_test_t test_c023_crypto_list[] = {
+ NULL,
+ psa_key_policy_get_usage_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+
+int32_t psa_key_policy_get_usage_test(security_t caller)
+{
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
+ psa_key_policy_t policy;
+ psa_key_usage_t usage;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+
+ /* Retrieve the usage field of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_GET_USAGE, &policy, &usage);
+
+ TEST_ASSERT_EQUAL(usage, check1[i].usage, TEST_CHECKPOINT_NUM(3));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c023/test_c023.h b/api-tests/dev_apis/crypto/test_c023/test_c023.h
new file mode 100644
index 0000000..43c40e4
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c023/test_c023.h
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C023_CLIENT_TESTS_H_
+#define _TEST_C023_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_,c023)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c023_crypto_list[];
+
+int32_t psa_key_policy_get_usage_test(security_t caller);
+#endif /* _TEST_C023_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c023/test_data.h b/api-tests/dev_apis/crypto/test_c023/test_data.h
new file mode 100644
index 0000000..6c3670b
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c023/test_data.h
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+} test_data;
+
+static test_data check1[] = {
+{"Test psa_key_policy_get_usage with usage as encrypt\n",
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+},
+
+{"Test psa_key_policy_get_usage with usage as decrypt\n",
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+},
+
+{"Test psa_key_policy_get_usage with usage as derive\n",
+ PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+},
+
+{"Test psa_key_policy_get_usage with usage as export\n",
+ PSA_KEY_USAGE_EXPORT, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+},
+
+{"Test psa_key_policy_get_usage with usage as sign\n",
+ PSA_KEY_USAGE_SIGN, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+},
+
+{"Test psa_key_policy_get_usage with usage as verify\n",
+ PSA_KEY_USAGE_VERIFY, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+},
+
+};
diff --git a/api-tests/dev_apis/crypto/test_c023/test_entry.c b/api-tests/dev_apis/crypto/test_c023/test_entry.c
new file mode 100644
index 0000000..d177a9d
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c023/test_entry.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c023.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 23)
+#define TEST_DESC "Testing crypto key management APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c023_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c024/source.mk b/api-tests/dev_apis/crypto/test_c024/source.mk
new file mode 100644
index 0000000..301c6d2
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c024/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c024.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c024/test_c024.c b/api-tests/dev_apis/crypto/test_c024/test_c024.c
new file mode 100644
index 0000000..2efc31a
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c024/test_c024.c
@@ -0,0 +1,207 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c024.h"
+#include "test_data.h"
+
+client_test_t test_c024_crypto_list[] = {
+ NULL,
+ psa_aead_encrypt_test,
+ psa_aead_encrypt_negative_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+
+static bool_t is_buffer_empty(uint8_t *buffer, size_t size)
+{
+ int i;
+
+ for (i = 0; i < size; i++)
+ {
+ if (buffer[i] != 0)
+ return FALSE;
+ }
+
+ return TRUE;
+}
+
+int32_t psa_aead_encrypt_test(security_t caller)
+{
+ int32_t i, status;
+ uint8_t ciphertext[BUFFER_SIZE];
+ psa_key_policy_t policy;
+ size_t ciphertext_length;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ uint8_t *nonce, *additional_data;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+
+ memset(ciphertext, 0, sizeof(ciphertext));
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle,
+ &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
+ check1[i].key_type, check1[i].key_data, check1[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ if (is_buffer_empty(check1[i].nonce, check1[i].nonce_length) == TRUE)
+ nonce = NULL;
+ else
+ nonce = check1[i].nonce;
+
+ if (is_buffer_empty(check1[i].additional_data, check1[i].additional_data_length) == TRUE)
+ additional_data = NULL;
+ else
+ additional_data = check1[i].additional_data;
+
+ /* Process an authenticated encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT, check1[i].key_handle,
+ check1[i].key_alg, nonce, check1[i].nonce_length, additional_data,
+ check1[i].additional_data_length, check1[i].plaintext,
+ check1[i].plaintext_length, ciphertext, check1[i].ciphertext_size,
+ &ciphertext_length);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ continue;
+
+ /* Check if the length matches */
+ TEST_ASSERT_EQUAL(ciphertext_length,
+ check1[i].expected_ciphertext_length,
+ TEST_CHECKPOINT_NUM(7));
+
+ /* Check if the data matches */
+ TEST_ASSERT_MEMCMP(ciphertext, check1[i].expected_ciphertext, ciphertext_length,
+ TEST_CHECKPOINT_NUM(8));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_aead_encrypt_negative_test(security_t caller)
+{
+ int32_t i, status;
+ uint8_t ciphertext[BUFFER_SIZE];
+ psa_key_policy_t policy;
+ size_t ciphertext_length;
+ int num_checks = sizeof(check2)/sizeof(check2[0]);
+ uint8_t *nonce, *additional_data;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
+ check2[i].key_alg);
+
+ if (is_buffer_empty(check2[i].nonce, check2[i].nonce_length) == TRUE)
+ nonce = NULL;
+ else
+ nonce = check2[i].nonce;
+
+ if (is_buffer_empty(check2[i].additional_data, check2[i].additional_data_length) == TRUE)
+ additional_data = NULL;
+ else
+ additional_data = check2[i].additional_data;
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_aead_encrypt - invalid key handle\n",
+ g_test_count++);
+ /* Process an authenticated encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT, check2[i].key_handle,
+ check2[i].key_alg, nonce, check2[i].nonce_length, additional_data,
+ check2[i].additional_data_length, check2[i].plaintext,
+ check2[i].plaintext_length, ciphertext, check2[i].ciphertext_size,
+ &ciphertext_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_aead_encrypt - zero as key handle\n",
+ g_test_count++);
+ /* Process an authenticated encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT, 0,
+ check2[i].key_alg, nonce, check2[i].nonce_length, additional_data,
+ check2[i].additional_data_length, check2[i].plaintext,
+ check2[i].plaintext_length, ciphertext, check2[i].ciphertext_size,
+ &ciphertext_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_aead_encrypt - empty key handle\n",
+ g_test_count++);
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check2[i].key_type,
+ check2[i].key_length, &check2[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle,
+ &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ /* Process an authenticated encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_ENCRYPT, check2[i].key_handle,
+ check2[i].key_alg, nonce, check2[i].nonce_length, additional_data,
+ check2[i].additional_data_length, check2[i].plaintext,
+ check2[i].plaintext_length, ciphertext, check2[i].ciphertext_size,
+ &ciphertext_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_EMPTY_SLOT, TEST_CHECKPOINT_NUM(7));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c024/test_c024.h b/api-tests/dev_apis/crypto/test_c024/test_c024.h
new file mode 100644
index 0000000..5060e3e
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c024/test_c024.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C024_CLIENT_TESTS_H_
+#define _TEST_C024_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_,c024)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c024_crypto_list[];
+
+int32_t psa_aead_encrypt_test(security_t caller);
+int32_t psa_aead_encrypt_negative_test(security_t caller);
+
+#endif /* _TEST_C024_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c024/test_data.h b/api-tests/dev_apis/crypto/test_c024/test_data.h
new file mode 100644
index 0000000..e2d3665
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c024/test_data.h
@@ -0,0 +1,158 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+#define EMPTY_KEY_SLOT 31
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[32];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ uint8_t nonce[16];
+ size_t nonce_length;
+ uint8_t additional_data[32];
+ size_t additional_data_length;
+ uint8_t plaintext[30];
+ size_t plaintext_length;
+ uint8_t expected_ciphertext[45];
+ size_t ciphertext_size;
+ size_t expected_ciphertext_length;
+ psa_status_t expected_status;
+} test_data;
+
+static test_data check1[] = {
+{"Test psa_aead_encrypt - CCM - 16B AES - 13B nounce & 8B addi data\n", 1, PSA_KEY_TYPE_AES,
+{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
+ 0x93, 0xCC, 0x6B},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM,
+{0x00, 0x41, 0x2B, 0x4E, 0xA9, 0xCD, 0xBE, 0x3C, 0x96, 0x96, 0x76, 0x6C, 0xFA},
+ 13,
+{0x0B, 0xE1, 0xA8, 0x8B, 0xAC, 0xE0, 0x18, 0xB1}, 8,
+{0x08, 0xE8, 0xCF, 0x97, 0xD8, 0x20, 0xEA, 0x25, 0x84, 0x60, 0xE9, 0x6A, 0xD9,
+ 0xCF, 0x52, 0x89, 0x05, 0x4D, 0x89, 0x5C, 0xEA, 0xC4, 0x7C}, 23,
+{0x4C, 0xB9, 0x7F, 0x86, 0xA2, 0xA4, 0x68, 0x9A, 0x87, 0x79, 0x47, 0xAB, 0x80,
+ 0x91, 0xEF, 0x53, 0x86, 0xA6, 0xFF, 0xBD, 0xD0, 0x80, 0xF8, 0x12, 0x03, 0x33,
+ 0xD1, 0xFC, 0xB6, 0x91, 0xF3, 0x40, 0x6C, 0xBF, 0x53, 0x1F, 0x83, 0xA4, 0xD8},
+ BUFFER_SIZE, 39, PSA_SUCCESS
+},
+
+{"Test psa_aead_encrypt - AES-CCM\n", 2, PSA_KEY_TYPE_AES,
+{0x41, 0x89, 0x35, 0x1B, 0x5C, 0xAE, 0xA3, 0x75, 0xA0, 0x29, 0x9E, 0x81, 0xC6,
+ 0x21, 0xBF, 0x43}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM,
+{0x48, 0xc0, 0x90, 0x69, 0x30, 0x56, 0x1e, 0x0a, 0xb0, 0xef, 0x4c, 0xd9, 0x72},
+ 13,
+{0x40, 0xa2, 0x7c, 0x1d, 0x1e, 0x23, 0xea, 0x3d, 0xbe, 0x80, 0x56, 0xb2, 0x77,
+ 0x48, 0x61, 0xa4, 0xa2, 0x01, 0xcc, 0xe4, 0x9f, 0x19, 0x99, 0x7d, 0x19, 0x20,
+ 0x6d, 0x8c, 0x8a, 0x34, 0x39, 0x51}, 32,
+{0x45, 0x35, 0xd1, 0x2b, 0x43, 0x77, 0x92, 0x8a, 0x7c, 0x0a, 0x61, 0xc9, 0xf8,
+ 0x25, 0xa4, 0x86, 0x71, 0xea, 0x05, 0x91, 0x07, 0x48, 0xc8, 0xef}, 24,
+{0x26, 0xc5, 0x69, 0x61, 0xc0, 0x35, 0xa7, 0xe4, 0x52, 0xcc, 0xe6, 0x1b, 0xc6,
+ 0xee, 0x22, 0x0d, 0x77, 0xb3, 0xf9, 0x4d, 0x18, 0xfd, 0x10, 0xb6, 0xd8, 0x0e,
+ 0x8b, 0xf8, 0x0f, 0x4a, 0x46, 0xca, 0xb0, 0x6d, 0x43, 0x13, 0xf0, 0xdb, 0x9b,
+ 0xe9}, BUFFER_SIZE, 40, PSA_SUCCESS
+},
+
+{"Test psa_aead_encrypt - AES-CCM 24 bytes Tag length = 4\n", 3, PSA_KEY_TYPE_AES,
+{0x41, 0x89, 0x35, 0x1B, 0x5C, 0xAE, 0xA3, 0x75, 0xA0, 0x29, 0x9E, 0x81, 0xC6,
+ 0x21, 0xBF, 0x43}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT,
+ PSA_ALG_AEAD_WITH_TAG_LENGTH(PSA_ALG_CCM, 4),
+{0x48, 0xc0, 0x90, 0x69, 0x30, 0x56, 0x1e, 0x0a, 0xb0, 0xef, 0x4c, 0xd9, 0x72},
+ 13,
+{0x40, 0xa2, 0x7c, 0x1d, 0x1e, 0x23, 0xea, 0x3d, 0xbe, 0x80, 0x56, 0xb2, 0x77,
+ 0x48, 0x61, 0xa4, 0xa2, 0x01, 0xcc, 0xe4, 0x9f, 0x19, 0x99, 0x7d, 0x19, 0x20,
+ 0x6d, 0x8c, 0x8a, 0x34, 0x39, 0x51}, 32,
+{0x45, 0x35, 0xd1, 0x2b, 0x43, 0x77, 0x92, 0x8a, 0x7c, 0x0a, 0x61, 0xc9, 0xf8,
+ 0x25, 0xa4, 0x86, 0x71, 0xea, 0x05, 0x91, 0x07, 0x48, 0xc8, 0xef}, 24,
+{0x26, 0xc5, 0x69, 0x61, 0xc0, 0x35, 0xa7, 0xe4, 0x52, 0xcc, 0xe6, 0x1b, 0xc6,
+ 0xee, 0x22, 0x0d, 0x77, 0xb3, 0xf9, 0x4d, 0x18, 0xfd, 0x10, 0xb6, 0x64, 0x3b,
+ 0x4f, 0x39},
+ BUFFER_SIZE, 28, PSA_SUCCESS
+},
+
+{"Test psa_aead_encrypt - GCM - 16B AES - 12B Nounce & 12B addi data\n",
+4, PSA_KEY_TYPE_AES,
+{0x3d, 0xe0, 0x98, 0x74, 0xb3, 0x88, 0xe6, 0x49, 0x19, 0x88, 0xd0, 0xc3, 0x60,
+ 0x7e, 0xae, 0x1f}, 16, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_GCM,
+{0x57, 0x69, 0x0e, 0x43, 0x4e, 0x28, 0x00, 0x00, 0xa2, 0xfc, 0xa1, 0xa3}, 12,
+{0x42, 0xf6, 0x7e, 0x3f, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10}, 12,
+{0x45, 0x00, 0x00, 0x1c, 0x42, 0xa2, 0x00, 0x00, 0x80, 0x01, 0x44, 0x1f, 0x40,
+ 0x67, 0x93, 0xb6, 0xe0, 0x00, 0x00, 0x02, 0x0a, 0x00, 0xf5, 0xff, 0x01, 0x02,
+ 0x02, 0x01}, 28,
+{0xFB, 0xA2, 0xCA, 0x84, 0x5E, 0x5D, 0xF9, 0xF0, 0xF2, 0x2C, 0x3E, 0x6E, 0x86,
+ 0xDD, 0x83, 0x1E, 0x1F, 0xC6, 0x57, 0x92, 0xCD, 0x1A, 0xF9, 0x13, 0x0E, 0x13,
+ 0x79, 0xED, 0x36, 0x9F, 0x07, 0x1F, 0x35, 0xE0, 0x34, 0xBE, 0x95, 0xF1, 0x12,
+ 0xE4, 0xE7, 0xD0, 0x5D, 0x35},
+ BUFFER_SIZE, 44, PSA_SUCCESS
+},
+
+{"Test psa_aead_encrypt - DES Key\n", 5, PSA_KEY_TYPE_DES,
+{0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29}, DES_8B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CCM,
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B}, 12,
+{0xEC, 0x46, 0xBB, 0x63, 0xB0, 0x25, 0x20, 0xC3, 0x3C, 0x49, 0xFD, 0x70}, 12,
+{0xB9, 0x6B, 0x49, 0xE2, 0x1D, 0x62, 0x17, 0x41, 0x63, 0x28, 0x75, 0xDB, 0x7F,
+ 0x6C, 0x92, 0x43, 0xD2, 0xD7, 0xC2}, 19,
+{0}, BUFFER_SIZE, 0, PSA_ERROR_NOT_SUPPORTED
+},
+
+{"Test psa_aead_encrypt - Unsupported Algorithm\n", 6, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CFB,
+{0}, 13, {0}, 0, "hello world", 11,
+{0x5D, 0xC1, 0x72, 0x23, 0x66, 0x96, 0xFD, 0xFC, 0x93, 0x06, 0x27, 0x52, 0xC7,
+ 0x0A, 0xCB, 0x36, 0x55, 0x30, 0xC9, 0x48, 0x8F, 0x5E, 0xA5, 0xB9, 0x51, 0xFB,
+ 0x4E},
+ BUFFER_SIZE, 27, PSA_ERROR_NOT_SUPPORTED
+},
+
+{"Test psa_aead_encrypt - Invalid key usage\n", 7, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_GCM,
+{0}, 13, {0}, 0, "hello world", 11,
+{0x5D, 0xC1, 0x72, 0x23, 0x66, 0x96, 0xFD, 0xFC, 0x93, 0x06, 0x27, 0x52, 0xC7,
+ 0x0A, 0xCB, 0x36, 0x55, 0x30, 0xC9, 0x48, 0x8F, 0x5E, 0xA5, 0xB9, 0x51, 0xFB,
+ 0x4E},
+ BUFFER_SIZE, 27, PSA_ERROR_NOT_PERMITTED
+},
+
+{"Test psa_aead_encrypt - Small output buffer size\n", 8, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_GCM,
+{0}, 13, {0}, 0, "hello world", 11,
+{0x5D, 0xC1, 0x72, 0x23, 0x66, 0x96, 0xFD, 0xFC, 0x93, 0x06, 0x27, 0x52, 0xC7,
+ 0x0A, 0xCB, 0x36, 0x55, 0x30, 0xC9, 0x48, 0x8F, 0x5E, 0xA5, 0xB9, 0x51, 0xFB,
+ 0x4E},
+ 10, 27, PSA_ERROR_NOT_PERMITTED
+},
+};
+
+static test_data check2[] = {
+{"Test psa_aead_encrypt - Negative case\n", 9, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_GCM,
+{0}, 13, {0}, 0, "hello world", 11,
+{0x5D, 0xC1, 0x72, 0x23, 0x66, 0x96, 0xFD, 0xFC, 0x93, 0x06, 0x27, 0x52, 0xC7,
+ 0x0A, 0xCB, 0x36, 0x55, 0x30, 0xC9, 0x48, 0x8F, 0x5E, 0xA5, 0xB9, 0x51, 0xFB,
+ 0x4E},
+ BUFFER_SIZE, 27, PSA_ERROR_EMPTY_SLOT
+},
+};
diff --git a/api-tests/dev_apis/crypto/test_c024/test_entry.c b/api-tests/dev_apis/crypto/test_c024/test_entry.c
new file mode 100644
index 0000000..caf7415
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c024/test_entry.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c024.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 24)
+#define TEST_DESC "Testing crypto AEAD APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c024_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c025/source.mk b/api-tests/dev_apis/crypto/test_c025/source.mk
new file mode 100644
index 0000000..cd669a9
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c025/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c025.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c025/test_c025.c b/api-tests/dev_apis/crypto/test_c025/test_c025.c
new file mode 100644
index 0000000..b8425c8
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c025/test_c025.c
@@ -0,0 +1,201 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c025.h"
+#include "test_data.h"
+
+client_test_t test_c025_crypto_list[] = {
+ NULL,
+ psa_aead_decrypt_test,
+ psa_aead_decrypt_negative_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+
+static bool_t is_buffer_empty(uint8_t *buffer, size_t size)
+{
+ int i;
+
+ for (i = 0; i < size; i++)
+ {
+ if (buffer[i] != 0)
+ return FALSE;
+ }
+
+ return TRUE;
+}
+
+int32_t psa_aead_decrypt_test(security_t caller)
+{
+ int32_t i, status;
+ uint8_t plaintext[BUFFER_SIZE];
+ psa_key_policy_t policy;
+ size_t plaintext_length;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ uint8_t *nonce, *additional_data;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+
+ memset(plaintext, 0, sizeof(plaintext));
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle,
+ &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
+ check1[i].key_type, check1[i].key_data, check1[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ if (is_buffer_empty(check1[i].nonce, check1[i].nonce_length) == TRUE)
+ nonce = NULL;
+ else
+ nonce = check1[i].nonce;
+
+ if (is_buffer_empty(check1[i].additional_data, check1[i].additional_data_length) == TRUE)
+ additional_data = NULL;
+ else
+ additional_data = check1[i].additional_data;
+
+ /* Process an authenticated decryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_DECRYPT, check1[i].key_handle,
+ check1[i].key_alg, nonce, check1[i].nonce_length, additional_data,
+ check1[i].additional_data_length, check1[i].ciphertext, check1[i].ciphertext_size,
+ plaintext, check1[i].plaintext_size, &plaintext_length);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ continue;
+
+ /* Check if the length matches */
+ TEST_ASSERT_EQUAL(plaintext_length, check1[i].expected_plaintext_length,
+ TEST_CHECKPOINT_NUM(7));
+
+ /* Check if the data matches */
+ TEST_ASSERT_MEMCMP(plaintext, check1[i].expected_plaintext, plaintext_length,
+ TEST_CHECKPOINT_NUM(8));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_aead_decrypt_negative_test(security_t caller)
+{
+ int32_t i, status;
+ uint8_t plaintext[BUFFER_SIZE];
+ psa_key_policy_t policy;
+ size_t plaintext_length;
+ int num_checks = sizeof(check2)/sizeof(check2[0]);
+ uint8_t *nonce, *additional_data;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
+ check2[i].key_alg);
+
+ if (is_buffer_empty(check2[i].nonce, check2[i].nonce_length) == TRUE)
+ nonce = NULL;
+ else
+ nonce = check2[i].nonce;
+
+ if (is_buffer_empty(check2[i].additional_data, check2[i].additional_data_length) == TRUE)
+ additional_data = NULL;
+ else
+ additional_data = check2[i].additional_data;
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_aead_decrypt - invalid key handle\n",
+ g_test_count++);
+ /* Process an authenticated decryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_DECRYPT, check2[i].key_handle,
+ check2[i].key_alg, nonce, check2[i].nonce_length, additional_data,
+ check2[i].additional_data_length, check2[i].ciphertext, check2[i].ciphertext_size,
+ plaintext, check2[i].plaintext_size, &plaintext_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_aead_decrypt - zero as key handle\n",
+ g_test_count++);
+ /* Process an authenticated decryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_DECRYPT, 0,
+ check2[i].key_alg, nonce, check2[i].nonce_length, additional_data,
+ check2[i].additional_data_length, check2[i].ciphertext, check2[i].ciphertext_size,
+ plaintext, check2[i].plaintext_size, &plaintext_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_aead_decrypt - empty key handle\n",
+ g_test_count++);
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check2[i].key_type,
+ check2[i].key_length, &check2[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle,
+ &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ /* Process an authenticated decryption operation */
+ status = val->crypto_function(VAL_CRYPTO_AEAD_DECRYPT, check2[i].key_handle,
+ check2[i].key_alg, nonce, check2[i].nonce_length, additional_data,
+ check2[i].additional_data_length, check2[i].ciphertext, check2[i].ciphertext_size,
+ plaintext, check2[i].plaintext_size, &plaintext_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_EMPTY_SLOT, TEST_CHECKPOINT_NUM(7));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c025/test_c025.h b/api-tests/dev_apis/crypto/test_c025/test_c025.h
new file mode 100644
index 0000000..5b0667b
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c025/test_c025.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C025_CLIENT_TESTS_H_
+#define _TEST_C025_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_,c025)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c025_crypto_list[];
+
+int32_t psa_aead_decrypt_test(security_t caller);
+int32_t psa_aead_decrypt_negative_test(security_t caller);
+
+#endif /* _TEST_C025_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c025/test_data.h b/api-tests/dev_apis/crypto/test_c025/test_data.h
new file mode 100644
index 0000000..a8e8da4
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c025/test_data.h
@@ -0,0 +1,187 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+#define EMPTY_KEY_SLOT 31
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[32];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ uint8_t nonce[16];
+ size_t nonce_length;
+ uint8_t additional_data[32];
+ size_t additional_data_length;
+ uint8_t expected_plaintext[30];
+ size_t plaintext_size;
+ uint8_t ciphertext[45];
+ size_t ciphertext_size;
+ size_t expected_plaintext_length;
+ psa_status_t expected_status;
+} test_data;
+
+static test_data check1[] = {
+{"Test psa_aead_decrypt - CCM - 16B AES - 13B nounce & 8B addi data\n", 1, PSA_KEY_TYPE_AES,
+{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
+ 0x93, 0xCC, 0x6B},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_CCM,
+{0x00, 0x41, 0x2B, 0x4E, 0xA9, 0xCD, 0xBE, 0x3C, 0x96, 0x96, 0x76, 0x6C, 0xFA},
+ 13,
+{0x0B, 0xE1, 0xA8, 0x8B, 0xAC, 0xE0, 0x18, 0xB1}, 8,
+{0x08, 0xE8, 0xCF, 0x97, 0xD8, 0x20, 0xEA, 0x25, 0x84, 0x60, 0xE9, 0x6A, 0xD9,
+ 0xCF, 0x52, 0x89, 0x05, 0x4D, 0x89, 0x5C, 0xEA, 0xC4, 0x7C}, BUFFER_SIZE,
+{0x4C, 0xB9, 0x7F, 0x86, 0xA2, 0xA4, 0x68, 0x9A, 0x87, 0x79, 0x47, 0xAB, 0x80,
+ 0x91, 0xEF, 0x53, 0x86, 0xA6, 0xFF, 0xBD, 0xD0, 0x80, 0xF8, 0x12, 0x03, 0x33,
+ 0xD1, 0xFC, 0xB6, 0x91, 0xF3, 0x40, 0x6C, 0xBF, 0x53, 0x1F, 0x83, 0xA4, 0xD8},
+ 39, 23, PSA_SUCCESS
+},
+
+{"Test psa_aead_encrypt - AES-CCM\n", 2, PSA_KEY_TYPE_AES,
+{0x41, 0x89, 0x35, 0x1B, 0x5C, 0xAE, 0xA3, 0x75, 0xA0, 0x29, 0x9E, 0x81, 0xC6,
+ 0x21, 0xBF, 0x43}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_CCM,
+{0x48, 0xc0, 0x90, 0x69, 0x30, 0x56, 0x1e, 0x0a, 0xb0, 0xef, 0x4c, 0xd9, 0x72},
+ 13,
+{0x40, 0xa2, 0x7c, 0x1d, 0x1e, 0x23, 0xea, 0x3d, 0xbe, 0x80, 0x56, 0xb2, 0x77,
+ 0x48, 0x61, 0xa4, 0xa2, 0x01, 0xcc, 0xe4, 0x9f, 0x19, 0x99, 0x7d, 0x19, 0x20,
+ 0x6d, 0x8c, 0x8a, 0x34, 0x39, 0x51}, 32,
+{0x45, 0x35, 0xd1, 0x2b, 0x43, 0x77, 0x92, 0x8a, 0x7c, 0x0a, 0x61, 0xc9, 0xf8,
+ 0x25, 0xa4, 0x86, 0x71, 0xea, 0x05, 0x91, 0x07, 0x48, 0xc8, 0xef}, BUFFER_SIZE,
+{0x26, 0xc5, 0x69, 0x61, 0xc0, 0x35, 0xa7, 0xe4, 0x52, 0xcc, 0xe6, 0x1b, 0xc6,
+ 0xee, 0x22, 0x0d, 0x77, 0xb3, 0xf9, 0x4d, 0x18, 0xfd, 0x10, 0xb6, 0xd8, 0x0e,
+ 0x8b, 0xf8, 0x0f, 0x4a, 0x46, 0xca, 0xb0, 0x6d, 0x43, 0x13, 0xf0, 0xdb, 0x9b,
+ 0xe9}, 40, 24, PSA_SUCCESS
+},
+
+{"Test psa_aead_encrypt - AES-CCM 24 bytes Tag length = 4\n", 3, PSA_KEY_TYPE_AES,
+{0x41, 0x89, 0x35, 0x1B, 0x5C, 0xAE, 0xA3, 0x75, 0xA0, 0x29, 0x9E, 0x81, 0xC6,
+ 0x21, 0xBF, 0x43}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT,
+ PSA_ALG_AEAD_WITH_TAG_LENGTH(PSA_ALG_CCM, 4),
+{0x48, 0xc0, 0x90, 0x69, 0x30, 0x56, 0x1e, 0x0a, 0xb0, 0xef, 0x4c, 0xd9, 0x72},
+ 13,
+{0x40, 0xa2, 0x7c, 0x1d, 0x1e, 0x23, 0xea, 0x3d, 0xbe, 0x80, 0x56, 0xb2, 0x77,
+ 0x48, 0x61, 0xa4, 0xa2, 0x01, 0xcc, 0xe4, 0x9f, 0x19, 0x99, 0x7d, 0x19, 0x20,
+ 0x6d, 0x8c, 0x8a, 0x34, 0x39, 0x51}, 32,
+{0x45, 0x35, 0xd1, 0x2b, 0x43, 0x77, 0x92, 0x8a, 0x7c, 0x0a, 0x61, 0xc9, 0xf8,
+ 0x25, 0xa4, 0x86, 0x71, 0xea, 0x05, 0x91, 0x07, 0x48, 0xc8, 0xef}, BUFFER_SIZE,
+{0x26, 0xc5, 0x69, 0x61, 0xc0, 0x35, 0xa7, 0xe4, 0x52, 0xcc, 0xe6, 0x1b, 0xc6,
+ 0xee, 0x22, 0x0d, 0x77, 0xb3, 0xf9, 0x4d, 0x18, 0xfd, 0x10, 0xb6, 0x64, 0x3b,
+ 0x4f, 0x39},
+ 28, 24, PSA_SUCCESS
+},
+
+{"Test psa_aead_decrypt - GCM - 16B AES - 12B Nounce & 12B addi data\n", 4, PSA_KEY_TYPE_AES,
+{0x3d, 0xe0, 0x98, 0x74, 0xb3, 0x88, 0xe6, 0x49, 0x19, 0x88, 0xd0, 0xc3, 0x60,
+ 0x7e, 0xae, 0x1f}, 16, PSA_KEY_USAGE_DECRYPT, PSA_ALG_GCM,
+{0x57, 0x69, 0x0e, 0x43, 0x4e, 0x28, 0x00, 0x00, 0xa2, 0xfc, 0xa1, 0xa3}, 12,
+{0x42, 0xf6, 0x7e, 0x3f, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10}, 12,
+{0x45, 0x00, 0x00, 0x1c, 0x42, 0xa2, 0x00, 0x00, 0x80, 0x01, 0x44, 0x1f, 0x40,
+ 0x67, 0x93, 0xb6, 0xe0, 0x00, 0x00, 0x02, 0x0a, 0x00, 0xf5, 0xff, 0x01, 0x02,
+ 0x02, 0x01}, BUFFER_SIZE,
+{0xFB, 0xA2, 0xCA, 0x84, 0x5E, 0x5D, 0xF9, 0xF0, 0xF2, 0x2C, 0x3E, 0x6E, 0x86,
+ 0xDD, 0x83, 0x1E, 0x1F, 0xC6, 0x57, 0x92, 0xCD, 0x1A, 0xF9, 0x13, 0x0E, 0x13,
+ 0x79, 0xED, 0x36, 0x9F, 0x07, 0x1F, 0x35, 0xE0, 0x34, 0xBE, 0x95, 0xF1, 0x12,
+ 0xE4, 0xE7, 0xD0, 0x5D, 0x35},
+ 44, 28, PSA_SUCCESS
+},
+
+{"Test psa_aead_decrypt - DES Key\n", 5, PSA_KEY_TYPE_DES,
+{0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29}, DES_8B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CCM,
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B}, 12,
+{0xEC, 0x46, 0xBB, 0x63, 0xB0, 0x25, 0x20, 0xC3, 0x3C, 0x49, 0xFD, 0x70}, 12,
+{0xB9, 0x6B, 0x49, 0xE2, 0x1D, 0x62, 0x17, 0x41, 0x63, 0x28, 0x75, 0xDB, 0x7F,
+ 0x6C, 0x92, 0x43, 0xD2, 0xD7, 0xC2}, BUFFER_SIZE,
+{0}, 11, 0, PSA_ERROR_NOT_SUPPORTED
+},
+
+{"Test psa_aead_decrypt - Unsupported Algorithm\n", 6, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_CFB,
+{0}, 13, {0}, 0, "hello world", BUFFER_SIZE,
+{0x5D, 0xC1, 0x72, 0x23, 0x66, 0x96, 0xFD, 0xFC, 0x93, 0x06, 0x27, 0x52, 0xC7,
+ 0x0A, 0xCB, 0x36, 0x55, 0x30, 0xC9, 0x48, 0x8F, 0x5E, 0xA5, 0xB9, 0x51, 0xFB,
+ 0x4E},
+ 27, 11, PSA_ERROR_NOT_SUPPORTED
+},
+
+{"Test psa_aead_decrypt - Invalid key usage\n", 7, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_GCM,
+{0}, 13, {0}, 0, "hello world", BUFFER_SIZE,
+{0x5D, 0xC1, 0x72, 0x23, 0x66, 0x96, 0xFD, 0xFC, 0x93, 0x06, 0x27, 0x52, 0xC7,
+ 0x0A, 0xCB, 0x36, 0x55, 0x30, 0xC9, 0x48, 0x8F, 0x5E, 0xA5, 0xB9, 0x51, 0xFB,
+ 0x4E},
+ 27, 11, PSA_ERROR_NOT_PERMITTED
+},
+
+{"Test psa_aead_decrypt - Small output buffer size\n", 8, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_GCM,
+{0}, 13, {0}, 0, "hello world", 10,
+{0x5D, 0xC1, 0x72, 0x23, 0x66, 0x96, 0xFD, 0xFC, 0x93, 0x06, 0x27, 0x52, 0xC7,
+ 0x0A, 0xCB, 0x36, 0x55, 0x30, 0xC9, 0x48, 0x8F, 0x5E, 0xA5, 0xB9, 0x51, 0xFB,
+ 0x4E},
+ 27, 11, PSA_ERROR_BUFFER_TOO_SMALL
+},
+
+{"Test psa_aead_decrypt - Invalid cipher text\n", 9, PSA_KEY_TYPE_AES,
+{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
+ 0x93, 0xCC, 0x6B},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_CCM,
+{0x00, 0x41, 0x2B, 0x4E, 0xA9, 0xCD, 0xBE, 0x3C, 0x96, 0x96, 0x76, 0x6C, 0xFA},
+ 13,
+{0x0B, 0xE1, 0xA8, 0x8B, 0xAC, 0xE0, 0x18, 0xB1}, 8,
+{0x08, 0xE8, 0xCF, 0x97, 0xD8, 0x20, 0xEA, 0x25, 0x84, 0x60, 0xE9, 0x6A, 0xD9,
+ 0xCF, 0x52, 0x89, 0x05, 0x4D, 0x89, 0x5C, 0xEA, 0xC4, 0x7C}, BUFFER_SIZE,
+{0x4C, 0xB8, 0x7F, 0x86, 0xA2, 0xA4, 0x68, 0x9A, 0x87, 0x79, 0x47, 0xAB, 0x80,
+ 0x91, 0xEF, 0x53, 0x86, 0xA6, 0xFF, 0xBD, 0xD0, 0x80, 0xF8, 0x12, 0x03, 0x33,
+ 0xD1, 0xFC, 0xB6, 0x91, 0xF3, 0x40, 0x6C, 0xBF, 0x53, 0x1F, 0x83, 0xA4, 0xD8},
+ 39, 23, PSA_ERROR_INVALID_SIGNATURE
+},
+
+{"Test psa_aead_decrypt - Invalid cipher text size\n", 10, PSA_KEY_TYPE_AES,
+{0xD7, 0x82, 0x8D, 0x13, 0xB2, 0xB0, 0xBD, 0xC3, 0x25, 0xA7, 0x62, 0x36, 0xDF,
+ 0x93, 0xCC, 0x6B},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_CCM,
+{0x00, 0x41, 0x2B, 0x4E, 0xA9, 0xCD, 0xBE, 0x3C, 0x96, 0x96, 0x76, 0x6C, 0xFA},
+ 13,
+{0x0B, 0xE1, 0xA8, 0x8B, 0xAC, 0xE0, 0x18, 0xB1}, 8,
+{0x08, 0xE8, 0xCF, 0x97, 0xD8, 0x20, 0xEA, 0x25, 0x84, 0x60, 0xE9, 0x6A, 0xD9,
+ 0xCF, 0x52, 0x89, 0x05, 0x4D, 0x89, 0x5C, 0xEA, 0xC4, 0x7C}, BUFFER_SIZE,
+{0x4C, 0xB9, 0x7F, 0x86, 0xA2, 0xA4, 0x68, 0x9A, 0x87, 0x79, 0x47, 0xAB, 0x80,
+ 0x91, 0xEF, 0x53, 0x86, 0xA6, 0xFF, 0xBD, 0xD0, 0x80, 0xF8, 0x12, 0x03, 0x33,
+ 0xD1, 0xFC, 0xB6, 0x91, 0xF3, 0x40, 0x6C, 0xBF, 0x53, 0x1F, 0x83, 0xA4},
+ 38, 23, PSA_ERROR_INVALID_SIGNATURE
+},
+};
+
+static test_data check2[] = {
+{"Test psa_aead_decrypt - Negative cases\n", 11, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_GCM,
+{0}, 13, {0}, 0, "hello world", BUFFER_SIZE,
+{0x5D, 0xC1, 0x72, 0x23, 0x66, 0x96, 0xFD, 0xFC, 0x93, 0x06, 0x27, 0x52, 0xC7,
+ 0x0A, 0xCB, 0x36, 0x55, 0x30, 0xC9, 0x48, 0x8F, 0x5E, 0xA5, 0xB9, 0x51, 0xFB,
+ 0x4E},
+ 11, 27, PSA_ERROR_INVALID_ARGUMENT
+},
+};
diff --git a/api-tests/dev_apis/crypto/test_c025/test_entry.c b/api-tests/dev_apis/crypto/test_c025/test_entry.c
new file mode 100644
index 0000000..f71ac41
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c025/test_entry.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c025.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 25)
+#define TEST_DESC "Testing crypto AEAD APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c025_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c026/source.mk b/api-tests/dev_apis/crypto/test_c026/source.mk
new file mode 100644
index 0000000..fa602b6
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c026/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c026.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c026/test_c026.c b/api-tests/dev_apis/crypto/test_c026/test_c026.c
new file mode 100644
index 0000000..b717f96
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c026/test_c026.c
@@ -0,0 +1,149 @@
+
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c026.h"
+#include "test_data.h"
+
+client_test_t test_c026_crypto_list[] = {
+ NULL,
+ psa_mac_sign_setup_test,
+ psa_mac_sign_setup_negative_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+static psa_mac_operation_t operation;
+
+int32_t psa_mac_sign_setup_test(security_t caller)
+{
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ psa_key_policy_t policy;
+ int32_t i, status;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle,
+ &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
+ check1[i].key_type, check1[i].key_data, check1[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Start a multipart MAC calculation operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_SETUP, &operation,
+ check1[i].key_handle, check1[i].key_alg);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
+
+ /* Abort a MAC operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_mac_sign_setup_negative_test(security_t caller)
+{
+ int num_checks = sizeof(check2)/sizeof(check2[0]);
+ psa_key_policy_t policy;
+ int32_t i, status;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
+ check2[i].key_alg);
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_mac_sign_setup with invalid key handle\n",
+ g_test_count++);
+ /* Start a multipart MAC calculation operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_SETUP, &operation,
+ check2[i].key_handle, check2[i].key_alg);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_mac_sign_setup with zero key handle\n",
+ g_test_count++);
+ /* Start a multipart MAC calculation operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_SETUP, &operation,
+ 0, check2[i].key_alg);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_mac_sign_setup with empty key handle\n",
+ g_test_count++);
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check2[i].key_type,
+ check2[i].key_length, &check2[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle,
+ &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ /* Start a multipart MAC calculation operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_SETUP, &operation,
+ check2[i].key_handle, check2[i].key_alg);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_EMPTY_SLOT, TEST_CHECKPOINT_NUM(7));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
diff --git a/api-tests/dev_apis/crypto/test_c026/test_c026.h b/api-tests/dev_apis/crypto/test_c026/test_c026.h
new file mode 100644
index 0000000..8d3e052
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c026/test_c026.h
@@ -0,0 +1,31 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C026_CLIENT_TESTS_H_
+#define _TEST_C026_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_,c026)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c026_crypto_list[];
+
+int32_t psa_mac_sign_setup_test(security_t caller);
+int32_t psa_mac_sign_setup_negative_test(security_t caller);
+#endif /* _TEST_C026_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c026/test_data.h b/api-tests/dev_apis/crypto/test_c026/test_data.h
new file mode 100644
index 0000000..ea5e585
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c026/test_data.h
@@ -0,0 +1,122 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+#define EMPTY_KEY_SLOT 31
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[64];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ psa_status_t expected_status;
+} test_data;
+
+static test_data check1[] = {
+{"Test psa_mac_sign_setup 64 Byte HMAC\n", 1, PSA_KEY_TYPE_HMAC,
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
+ 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19,
+ 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26,
+ 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33,
+ 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f},
+ 64, PSA_KEY_USAGE_SIGN, PSA_ALG_HMAC(PSA_ALG_SHA_256),
+ PSA_SUCCESS
+},
+
+{"Test psa_mac_sign_setup 16 Byte AES - CMAC\n", 2, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0x00},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_SIGN, PSA_ALG_CMAC,
+ PSA_SUCCESS
+},
+
+{"Test psa_mac_sign_setup 16 Byte AES - GMAC\n", 3, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0x00},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_SIGN, PSA_ALG_GMAC,
+ PSA_ERROR_NOT_SUPPORTED
+},
+
+{"Test psa_mac_sign_setup incompactible HMAC for CMAC\n", 4, PSA_KEY_TYPE_HMAC,
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_SIGN, PSA_ALG_CMAC,
+ PSA_ERROR_NOT_SUPPORTED
+},
+
+{"Test psa_mac_sign_setup invalid usage\n", 5, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CMAC,
+ PSA_ERROR_NOT_PERMITTED
+},
+
+{"Test psa_mac_sign_setup invalid key type\n", 7, PSA_KEY_TYPE_RAW_DATA,
+{0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B,
+ 0x0B, 0x0B, 0x0B},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_SIGN, PSA_ALG_HMAC(PSA_ALG_SHA_256),
+ PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_mac_sign_setup truncated MAC too large\n", 8, PSA_KEY_TYPE_HMAC,
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
+ 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19,
+ 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26,
+ 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33,
+ 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f},
+ 64, PSA_KEY_USAGE_SIGN, PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 33),
+ PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_mac_sign_setup truncated MAC too small\n", 9, PSA_KEY_TYPE_HMAC,
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
+ 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19,
+ 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26,
+ 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33,
+ 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f},
+ 64, PSA_KEY_USAGE_SIGN, PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1),
+ PSA_ERROR_NOT_SUPPORTED
+},
+
+{"Test psa_mac_sign_setup bad algorithm (unknown MAC algorithm)\n", 10, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0x00},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_SIGN, PSA_ALG_HMAC(0),
+ PSA_ERROR_NOT_SUPPORTED
+},
+
+{"Test psa_mac_sign_setup bad algorithm (not a MAC algorithm)\n", 11, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0x00},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_SIGN, PSA_ALG_CBC_NO_PADDING,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+
+};
+
+static test_data check2[] = {
+{"Test psa_mac_sign_setup - Negative case\n", 12, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0x00},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_SIGN, PSA_ALG_CMAC,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+};
diff --git a/api-tests/dev_apis/crypto/test_c026/test_entry.c b/api-tests/dev_apis/crypto/test_c026/test_entry.c
new file mode 100644
index 0000000..89b3126
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c026/test_entry.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c026.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 26)
+#define TEST_DESC "Testing crypto MAC APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c026_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c027/source.mk b/api-tests/dev_apis/crypto/test_c027/source.mk
new file mode 100644
index 0000000..98826de
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c027/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c027.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c027/test_c027.c b/api-tests/dev_apis/crypto/test_c027/test_c027.c
new file mode 100644
index 0000000..ff177cb
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c027/test_c027.c
@@ -0,0 +1,140 @@
+
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c027.h"
+#include "test_data.h"
+
+client_test_t test_c027_crypto_list[] = {
+ NULL,
+ psa_mac_update_test,
+ psa_mac_update_invalid_operator_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+static uint8_t data[BUFFER_SIZE];
+
+int32_t psa_mac_update_test(security_t caller)
+{
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
+ size_t length;
+ psa_key_policy_t policy;
+ psa_mac_operation_t operation;
+
+ memset(data, 0, sizeof(data));
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle, &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
+ check1[i].key_type, check1[i].key_data, check1[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Start a multipart MAC calculation operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_SETUP, &operation,
+ check1[i].key_handle, check1[i].key_alg);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ /* Add a message fragment to a multipart MAC operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_UPDATE, &operation, check1[i].data,
+ check1[i].data_size);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(7));
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ {
+ /* Abort a MAC operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+ continue;
+ }
+
+ memset(data, 0, sizeof(data));
+
+ /* Finish the calculation of the MAC of a message */
+ status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_FINISH, &operation, data,
+ sizeof(data)/sizeof(data[0]), &length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+
+ /* Add a message fragment to the same multipart MAC operation*/
+ status = val->crypto_function(VAL_CRYPTO_MAC_UPDATE, &operation, check1[i].data,
+ check1[i].data_size);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(10));
+
+ /* Abort a MAC operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_mac_update_invalid_operator_test(security_t caller)
+{
+ psa_mac_operation_t operation;
+ int32_t status;
+
+ memset(data, 0xC0DECAFE, sizeof(data));
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, "Test psa_mac_update without mac setup\n", 0);
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ /* Start a multipart MAC calculation operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_UPDATE, &operation, data,
+ sizeof(data)/sizeof(data[0]));
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(2));
+
+ /* Abort a MAC operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c027/test_c027.h b/api-tests/dev_apis/crypto/test_c027/test_c027.h
new file mode 100644
index 0000000..ea4c22f
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c027/test_c027.h
@@ -0,0 +1,31 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C027_CLIENT_TESTS_H_
+#define _TEST_C027_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_,c027)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c027_crypto_list[];
+
+int32_t psa_mac_update_test(security_t caller);
+int32_t psa_mac_update_invalid_operator_test(security_t caller);
+#endif /* _TEST_C027_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c027/test_data.h b/api-tests/dev_apis/crypto/test_c027/test_data.h
new file mode 100644
index 0000000..42952fd
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c027/test_data.h
@@ -0,0 +1,58 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[64];
+ uint32_t key_length;
+ uint8_t data[64];
+ size_t data_size;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ psa_status_t expected_status;
+} test_data;
+
+static test_data check1[] = {
+{"Test psa_mac_update 64 Byte HMAC SHA256\n", 1, PSA_KEY_TYPE_HMAC,
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
+ 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19,
+ 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26,
+ 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33,
+ 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f},
+ 64, "hello world", 11, PSA_KEY_USAGE_SIGN, PSA_ALG_HMAC(PSA_ALG_SHA_256),
+ PSA_SUCCESS
+},
+
+{"Test psa_mac_update 16 Byte AES - CMAC\n", 2, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0x00},
+ AES_16B_KEY_SIZE, "hello world", 11, PSA_KEY_USAGE_SIGN, PSA_ALG_CMAC,
+ PSA_SUCCESS
+},
+
+{"Test psa_mac_update 32 Byte HMAC SHA512\n", 3, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b},
+ 32, "hello world", 11, PSA_KEY_USAGE_SIGN, PSA_ALG_HMAC(PSA_ALG_SHA_512),
+ PSA_SUCCESS
+},
+};
diff --git a/api-tests/dev_apis/crypto/test_c027/test_entry.c b/api-tests/dev_apis/crypto/test_c027/test_entry.c
new file mode 100644
index 0000000..fedebfc
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c027/test_entry.c
@@ -0,0 +1,52 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c027.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 27)
+#define TEST_DESC "Testing crypto MAC APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c027_crypto_list, FALSE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c028/source.mk b/api-tests/dev_apis/crypto/test_c028/source.mk
new file mode 100644
index 0000000..1d6b81c
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c028/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c028.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c028/test_c028.c b/api-tests/dev_apis/crypto/test_c028/test_c028.c
new file mode 100644
index 0000000..ee590b0
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c028/test_c028.c
@@ -0,0 +1,123 @@
+
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c028.h"
+#include "test_data.h"
+
+client_test_t test_c028_crypto_list[] = {
+ NULL,
+ psa_mac_sign_finish_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+static uint8_t data[BUFFER_SIZE];
+
+int32_t psa_mac_sign_finish_test(security_t caller)
+{
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
+ size_t length;
+ psa_key_policy_t policy;
+ psa_mac_operation_t operation;
+
+ memset(data, 0, sizeof(data));
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle, &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
+ check1[i].key_type, check1[i].key_data, check1[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Start a multipart MAC calculation operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_SETUP, &operation,
+ check1[i].key_handle, check1[i].key_alg);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ /* Add a message fragment to a multipart MAC operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_UPDATE, &operation, check1[i].data,
+ check1[i].data_size);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+
+ /* Finish the calculation of the MAC of a message */
+ status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_FINISH, &operation, data,
+ check1[i].mac_size, &length);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(8));
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ {
+ /* Abort a MAC operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+ continue;
+ }
+
+ /* Check if the MAC length matches with the expected length */
+ TEST_ASSERT_EQUAL(length, check1[i].expected_length, TEST_CHECKPOINT_NUM(10));
+
+ /* Check if the MAC data matches with the expected data */
+ TEST_ASSERT_MEMCMP(check1[i].expected_data, data, length, TEST_CHECKPOINT_NUM(11));
+
+ memset(data, 0, sizeof(data));
+
+ /* Finish the calculation of the MAC of a message using same operation
+ * should return error
+ */
+ status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_FINISH, &operation, data,
+ check1[i].mac_size, &length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(12));
+
+ /* Abort a MAC operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(13));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c028/test_c028.h b/api-tests/dev_apis/crypto/test_c028/test_c028.h
new file mode 100644
index 0000000..a8b1b0f
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c028/test_c028.h
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C028_CLIENT_TESTS_H_
+#define _TEST_C028_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_,c028)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c028_crypto_list[];
+
+int32_t psa_mac_sign_finish_test(security_t caller);
+#endif /* _TEST_C028_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c028/test_data.h b/api-tests/dev_apis/crypto/test_c028/test_data.h
new file mode 100644
index 0000000..12bb404
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c028/test_data.h
@@ -0,0 +1,100 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[64];
+ uint32_t key_length;
+ uint8_t data[16];
+ size_t data_size;
+ uint8_t expected_data[64];
+ size_t mac_size;
+ size_t expected_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ psa_status_t expected_status;
+} test_data;
+
+static test_data check1[] = {
+{"Test psa_mac_sign_finish HMAC SHA 224\n", 1, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0x89, 0x6f, 0xb1, 0x12, 0x8a, 0xbb, 0xdf, 0x19, 0x68, 0x32, 0x10, 0x7c, 0xd4,
+ 0x9d, 0xf3, 0x3f, 0x47, 0xb4, 0xb1, 0x16, 0x99, 0x12, 0xba, 0x4f, 0x53, 0x68,
+ 0x4b, 0x22}, 64, 28,
+ PSA_KEY_USAGE_SIGN, PSA_ALG_HMAC(PSA_ALG_SHA_224),
+ PSA_SUCCESS
+},
+
+{"Test psa_mac_sign_finish HMAC SHA 256\n", 2, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 0x5c, 0xa8, 0xaf, 0xce, 0xaf,
+ 0x0b, 0xf1, 0x2b, 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9,
+ 0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7}, 64, 32,
+ PSA_KEY_USAGE_SIGN, PSA_ALG_HMAC(PSA_ALG_SHA_256),
+ PSA_SUCCESS
+},
+
+{"Test psa_mac_sign_finish HMAC SHA 512\n", 3, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0x87, 0xaa, 0x7c, 0xde, 0xa5, 0xef, 0x61, 0x9d, 0x4f, 0xf0, 0xb4, 0x24, 0x1a,
+ 0x1d, 0x6c, 0xb0, 0x23, 0x79, 0xf4, 0xe2, 0xce, 0x4e, 0xc2, 0x78, 0x7a, 0xd0,
+ 0xb3, 0x05, 0x45, 0xe1, 0x7c, 0xde, 0xda, 0xa8, 0x33, 0xb7, 0xd6, 0xb8, 0xa7,
+ 0x02, 0x03, 0x8b, 0x27, 0x4e, 0xae, 0xa3, 0xf4, 0xe4, 0xbe, 0x9d, 0x91, 0x4e,
+ 0xeb, 0x61, 0xf1, 0x70, 0x2e, 0x69, 0x6c, 0x20, 0x3a, 0x12, 0x68, 0x54}, 64, 64,
+ PSA_KEY_USAGE_SIGN, PSA_ALG_HMAC(PSA_ALG_SHA_512),
+ PSA_SUCCESS
+},
+
+{"Test psa_mac_sign_finish HMAC SHA 224 (truncated to 8 Byte)\n", 4, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0x89, 0x6f, 0xb1, 0x12, 0x8a, 0xbb, 0xdf, 0x19, 0x68}, 64, 8,
+ PSA_KEY_USAGE_SIGN, PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 8),
+ PSA_SUCCESS
+},
+
+{"Test psa_mac_sign_finish CMAC AES 128\n", 5, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, 16,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0x9A, 0x8F, 0xFF, 0x8D, 0xA3, 0x5B, 0x97, 0xCB, 0x4C, 0x95, 0xF0, 0xFA, 0x6A,
+ 0xE7, 0xE0, 0x77}, 64, 16,
+ PSA_KEY_USAGE_SIGN, PSA_ALG_CMAC,
+ PSA_SUCCESS
+},
+
+{"Test psa_mac_sign_finish small size buffer\n", 6, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, 16,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0x9A, 0x8F, 0xFF, 0x8D, 0xA3, 0x5B, 0x97, 0xCB, 0x4C, 0x95, 0xF0, 0xFA, 0x6A,
+ 0xE7, 0xE0, 0x77}, 8, 16,
+ PSA_KEY_USAGE_SIGN, PSA_ALG_CMAC,
+ PSA_ERROR_BUFFER_TOO_SMALL
+},
+};
diff --git a/api-tests/dev_apis/crypto/test_c028/test_entry.c b/api-tests/dev_apis/crypto/test_c028/test_entry.c
new file mode 100644
index 0000000..86dda65
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c028/test_entry.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c028.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 28)
+#define TEST_DESC "Testing crypto MAC APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c028_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c029/source.mk b/api-tests/dev_apis/crypto/test_c029/source.mk
new file mode 100644
index 0000000..5589784
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c029/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c029.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c029/test_c029.c b/api-tests/dev_apis/crypto/test_c029/test_c029.c
new file mode 100644
index 0000000..0e1e6fd
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c029/test_c029.c
@@ -0,0 +1,144 @@
+
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c029.h"
+#include "test_data.h"
+
+client_test_t test_c029_crypto_list[] = {
+ NULL,
+ psa_mac_verify_setup_test,
+ psa_mac_verify_setup_negative_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+static psa_mac_operation_t operation;
+
+int32_t psa_mac_verify_setup_test(security_t caller)
+{
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ psa_key_policy_t policy;
+ int32_t i, status;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle,
+ &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
+ check1[i].key_type, check1[i].key_data, check1[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Start a multipart MAC verification operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_VERIFY_SETUP, &operation,
+ check1[i].key_handle, check1[i].key_alg);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
+
+ /* Abort a MAC operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_mac_verify_setup_negative_test(security_t caller)
+{
+ int num_checks = sizeof(check2)/sizeof(check2[0]);
+ psa_key_policy_t policy;
+ int32_t i, status;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
+ check2[i].key_alg);
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_mac_verify_setup invalid key handle\n",
+ g_test_count++);
+ /* Start a multipart MAC verification operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_VERIFY_SETUP, &operation,
+ check2[i].key_handle, check2[i].key_alg);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_mac_verify_setup zero as key handle\n",
+ g_test_count++);
+ /* Start a multipart MAC verification operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_VERIFY_SETUP, &operation,
+ 0, check2[i].key_alg);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check2[i].key_type,
+ check2[i].key_length, &check2[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_mac_verify_setup empty key handle\n",
+ g_test_count++);
+ /* Start a multipart MAC verification operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_VERIFY_SETUP, &operation,
+ check2[i].key_handle, check2[i].key_alg);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_EMPTY_SLOT, TEST_CHECKPOINT_NUM(6));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
diff --git a/api-tests/dev_apis/crypto/test_c029/test_c029.h b/api-tests/dev_apis/crypto/test_c029/test_c029.h
new file mode 100644
index 0000000..b549fed
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c029/test_c029.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C029_CLIENT_TESTS_H_
+#define _TEST_C029_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_,c029)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c029_crypto_list[];
+
+int32_t psa_mac_verify_setup_test(security_t caller);
+int32_t psa_mac_verify_setup_negative_test(security_t caller);
+
+#endif /* _TEST_C029_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c029/test_data.h b/api-tests/dev_apis/crypto/test_c029/test_data.h
new file mode 100644
index 0000000..9ec441b
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c029/test_data.h
@@ -0,0 +1,124 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+#define EMPTY_KEY_SLOT 31
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[64];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ psa_status_t expected_status;
+} test_data;
+
+static test_data check1[] = {
+{"Test psa_mac_verify_setup 64 Byte HMAC\n", 1, PSA_KEY_TYPE_HMAC,
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
+ 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19,
+ 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26,
+ 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33,
+ 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f},
+ 64, PSA_KEY_USAGE_VERIFY, PSA_ALG_HMAC(PSA_ALG_SHA_256),
+ PSA_SUCCESS
+},
+
+{"Test psa_mac_verify_setup 16 Byte AES - CMAC\n", 2, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0x00},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_VERIFY, PSA_ALG_CMAC,
+ PSA_SUCCESS
+},
+
+{"Test psa_mac_verify_setup 16 Byte AES - GMAC\n", 3, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0x00},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_VERIFY, PSA_ALG_GMAC,
+ PSA_ERROR_NOT_SUPPORTED
+},
+
+{"Test psa_mac_verify_setup incompactible HMAC for CMAC\n", 4, PSA_KEY_TYPE_HMAC,
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_VERIFY, PSA_ALG_CMAC,
+ PSA_ERROR_NOT_SUPPORTED
+},
+
+{"Test psa_mac_verify_setup invalid usage\n", 5, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_CMAC,
+ PSA_ERROR_NOT_PERMITTED
+},
+
+{"Test psa_mac_verify_setup invalid key type\n", 6, PSA_KEY_TYPE_RAW_DATA,
+{0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B, 0x0B,
+ 0x0B, 0x0B, 0x0B},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_VERIFY, PSA_ALG_HMAC(PSA_ALG_SHA_256),
+ PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_mac_verify_setup truncated MAC too large\n", 7, PSA_KEY_TYPE_HMAC,
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
+ 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19,
+ 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26,
+ 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33,
+ 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f},
+ 64, PSA_KEY_USAGE_VERIFY, PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 33),
+ PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_mac_verify_setup truncated MAC too small\n", 8, PSA_KEY_TYPE_HMAC,
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
+ 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19,
+ 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26,
+ 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33,
+ 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f},
+ 64, PSA_KEY_USAGE_VERIFY, PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_256), 1),
+ PSA_ERROR_NOT_SUPPORTED
+},
+
+{"Test psa_mac_verify_setup bad algorithm (unknown MAC algorithm)\n", 9, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0x00},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_VERIFY, PSA_ALG_HMAC(0),
+ PSA_ERROR_NOT_SUPPORTED
+},
+
+{"Test psa_mac_verify_setup bad algorithm (not a MAC algorithm)\n", 10, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0x00},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_VERIFY, PSA_ALG_CBC_NO_PADDING,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+};
+
+static test_data check2[] = {
+{"Test psa_mac_verify_setup 64 negative case\n", 11, PSA_KEY_TYPE_HMAC,
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
+ 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19,
+ 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26,
+ 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, 0x30, 0x31, 0x32, 0x33,
+ 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f},
+ 64, PSA_KEY_USAGE_VERIFY, PSA_ALG_HMAC(PSA_ALG_SHA_256),
+ PSA_SUCCESS
+},
+};
diff --git a/api-tests/dev_apis/crypto/test_c029/test_entry.c b/api-tests/dev_apis/crypto/test_c029/test_entry.c
new file mode 100644
index 0000000..78c323f
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c029/test_entry.c
@@ -0,0 +1,52 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c029.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 29)
+#define TEST_DESC "Testing crypto MAC APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c029_crypto_list, FALSE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c030/source.mk b/api-tests/dev_apis/crypto/test_c030/source.mk
new file mode 100644
index 0000000..ba8ca2e
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c030/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c030.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c030/test_c030.c b/api-tests/dev_apis/crypto/test_c030/test_c030.c
new file mode 100644
index 0000000..9cbb293
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c030/test_c030.c
@@ -0,0 +1,113 @@
+
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c030.h"
+#include "test_data.h"
+
+client_test_t test_c030_crypto_list[] = {
+ NULL,
+ psa_mac_verify_finish_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+
+int32_t psa_mac_verify_finish_test(security_t caller)
+{
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
+ psa_key_policy_t policy;
+ psa_mac_operation_t operation;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle, &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
+ check1[i].key_type, check1[i].key_data, check1[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Start a multipart MAC calculation operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_VERIFY_SETUP, &operation,
+ check1[i].key_handle, check1[i].key_alg);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ /* Add a message fragment to a multipart MAC operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_UPDATE, &operation, check1[i].data,
+ check1[i].data_size);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+
+ /* Finish the calculation of the MAC of a message and compare it with
+ * an expected value
+ */
+ status = val->crypto_function(VAL_CRYPTO_MAC_VERIFY_FINISH, &operation,
+ check1[i].expected_mac, check1[i].mac_size);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(8));
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ {
+ /* Abort a MAC operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+ continue;
+ }
+
+ /* Finish the calculation of the MAC of a message using same operation
+ * should return error
+ */
+ status = val->crypto_function(VAL_CRYPTO_MAC_VERIFY_FINISH, &operation,
+ check1[i].expected_mac, check1[i].mac_size);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(10));
+
+ /* Abort a MAC operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c030/test_c030.h b/api-tests/dev_apis/crypto/test_c030/test_c030.h
new file mode 100644
index 0000000..46c2720
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c030/test_c030.h
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C030_CLIENT_TESTS_H_
+#define _TEST_C030_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_,c030)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c030_crypto_list[];
+
+int32_t psa_mac_verify_finish_test(security_t caller);
+#endif /* _TEST_C030_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c030/test_data.h b/api-tests/dev_apis/crypto/test_c030/test_data.h
new file mode 100644
index 0000000..942e57f
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c030/test_data.h
@@ -0,0 +1,111 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[64];
+ uint32_t key_length;
+ uint8_t data[16];
+ size_t data_size;
+ uint8_t expected_mac[64];
+ size_t mac_size;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ psa_status_t expected_status;
+} test_data;
+
+static test_data check1[] = {
+{"Test psa_mac_verify_finish HMAC SHA 224\n", 1, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0x89, 0x6f, 0xb1, 0x12, 0x8a, 0xbb, 0xdf, 0x19, 0x68, 0x32, 0x10, 0x7c, 0xd4,
+ 0x9d, 0xf3, 0x3f, 0x47, 0xb4, 0xb1, 0x16, 0x99, 0x12, 0xba, 0x4f, 0x53, 0x68,
+ 0x4b, 0x22}, 28,
+ PSA_KEY_USAGE_VERIFY, PSA_ALG_HMAC(PSA_ALG_SHA_224),
+ PSA_SUCCESS
+},
+
+{"Test psa_mac_verify_finish HMAC SHA 256\n", 2, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 0x5c, 0xa8, 0xaf, 0xce, 0xaf,
+ 0x0b, 0xf1, 0x2b, 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9,
+ 0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7}, 32,
+ PSA_KEY_USAGE_VERIFY, PSA_ALG_HMAC(PSA_ALG_SHA_256),
+ PSA_SUCCESS
+},
+
+{"Test psa_mac_verify_finish HMAC SHA 512\n", 3, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0x87, 0xaa, 0x7c, 0xde, 0xa5, 0xef, 0x61, 0x9d, 0x4f, 0xf0, 0xb4, 0x24, 0x1a,
+ 0x1d, 0x6c, 0xb0, 0x23, 0x79, 0xf4, 0xe2, 0xce, 0x4e, 0xc2, 0x78, 0x7a, 0xd0,
+ 0xb3, 0x05, 0x45, 0xe1, 0x7c, 0xde, 0xda, 0xa8, 0x33, 0xb7, 0xd6, 0xb8, 0xa7,
+ 0x02, 0x03, 0x8b, 0x27, 0x4e, 0xae, 0xa3, 0xf4, 0xe4, 0xbe, 0x9d, 0x91, 0x4e,
+ 0xeb, 0x61, 0xf1, 0x70, 0x2e, 0x69, 0x6c, 0x20, 0x3a, 0x12, 0x68, 0x54}, 64,
+ PSA_KEY_USAGE_VERIFY, PSA_ALG_HMAC(PSA_ALG_SHA_512),
+ PSA_SUCCESS
+},
+
+{"Test psa_mac_verify_finish HMAC SHA 224 (truncated to 8 Byte)\n", 4, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0x89, 0x6f, 0xb1, 0x12, 0x8a, 0xbb, 0xdf, 0x19, 0x68}, 8,
+ PSA_KEY_USAGE_VERIFY, PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 8),
+ PSA_SUCCESS
+},
+
+{"Test psa_mac_verify_finish CMAC AES 128\n", 5, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, 16,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0x9A, 0x8F, 0xFF, 0x8D, 0xA3, 0x5B, 0x97, 0xCB, 0x4C, 0x95, 0xF0, 0xFA, 0x6A,
+ 0xE7, 0xE0, 0x77}, 16,
+ PSA_KEY_USAGE_VERIFY, PSA_ALG_CMAC,
+ PSA_SUCCESS
+},
+
+{"Test psa_mac_verify_finish small size buffer\n", 6, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0xb0, 0x34, 0x4c, 0x61, 0xd8, 0xdb, 0x38, 0x53, 0x5c, 0xa8, 0xaf, 0xce, 0xaf,
+ 0x0b, 0xf1, 0x2b, 0x88, 0x1d, 0xc2, 0x00, 0xc9, 0x83, 0x3d, 0xa7, 0x26, 0xe9,
+ 0x37, 0x6c, 0x2e, 0x32, 0xcf, 0xf7}, 30,
+ PSA_KEY_USAGE_VERIFY, PSA_ALG_HMAC(PSA_ALG_SHA_256),
+ PSA_ERROR_INVALID_SIGNATURE
+},
+
+{"Test psa_mac_verify_finish incorrect expected MAC\n", 7, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
+{0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65}, 8,
+{0x89, 0x6f, 0xb1, 0x12, 0x8a, 0xbb, 0xdf, 0x19, 0x68, 0x32, 0x10, 0x7c, 0xd4,
+ 0x9d, 0xf3, 0x3f, 0x47, 0xb4, 0xb1, 0x16, 0x99, 0x12, 0xba, 0x4f, 0x53, 0x68,
+ 0x4b, 0x20}, 28,
+ PSA_KEY_USAGE_VERIFY, PSA_ALG_HMAC(PSA_ALG_SHA_224),
+ PSA_ERROR_INVALID_SIGNATURE
+},
+};
diff --git a/api-tests/dev_apis/crypto/test_c030/test_entry.c b/api-tests/dev_apis/crypto/test_c030/test_entry.c
new file mode 100644
index 0000000..0188a08
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c030/test_entry.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c030.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 30)
+#define TEST_DESC "Testing crypto MAC APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c030_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c031/source.mk b/api-tests/dev_apis/crypto/test_c031/source.mk
new file mode 100644
index 0000000..cc8d3ce
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c031/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c031.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c031/test_c031.c b/api-tests/dev_apis/crypto/test_c031/test_c031.c
new file mode 100644
index 0000000..078ebef
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c031/test_c031.c
@@ -0,0 +1,162 @@
+
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c031.h"
+#include "test_data.h"
+
+client_test_t test_c031_crypto_list[] = {
+ NULL,
+ psa_mac_abort_test,
+ psa_mac_abort_before_finish_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+static uint8_t data[BUFFER_SIZE];
+
+int32_t psa_mac_abort_test(security_t caller)
+{
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
+ psa_key_policy_t policy;
+ psa_mac_operation_t operation;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle, &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
+ check1[i].key_type, check1[i].key_data, check1[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Start a multipart MAC calculation operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_SETUP, &operation,
+ check1[i].key_handle, check1[i].key_alg);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ /* Abort a MAC operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+
+ /* Multiple Abort a MAC operation should succeed */
+ status = val->crypto_function(VAL_CRYPTO_MAC_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_mac_abort_before_finish_test(security_t caller)
+{
+ size_t length;
+ psa_key_policy_t policy;
+ psa_algorithm_t key_alg = PSA_ALG_CMAC;
+ psa_key_usage_t usage = PSA_KEY_USAGE_SIGN;
+ psa_key_handle_t key_handle = 10;
+ psa_key_type_t key_type = PSA_KEY_TYPE_AES;
+ psa_mac_operation_t operation;
+ uint8_t key_data[] = {0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7,
+ 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c};
+ uint8_t input_data[] = {0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65};
+ size_t key_length = sizeof(key_data)/sizeof(key_data[0]);
+ size_t inputdata_size = sizeof(input_data)/sizeof(input_data[0]);
+ int32_t status;
+
+ memset(data, 0, sizeof(data));
+
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, "Test psa_mac_sign_finish after calling psa_mac_abort\n", 0);
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, usage, key_alg);
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, key_type, key_length, &key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, key_handle, &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, key_handle, key_type, key_data,
+ key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Start a multipart MAC calculation operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_SETUP, &operation, key_handle, key_alg);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ /* Add a message fragment to a multipart MAC operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_UPDATE, &operation, input_data, inputdata_size);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+
+ /* Abort a MAC operation */
+ status = val->crypto_function(VAL_CRYPTO_MAC_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+
+ /* Finish the calculation of the MAC of a message */
+ status = val->crypto_function(VAL_CRYPTO_MAC_SIGN_FINISH, &operation, data,
+ BUFFER_SIZE, &length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(9));
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c031/test_c031.h b/api-tests/dev_apis/crypto/test_c031/test_c031.h
new file mode 100644
index 0000000..0aee628
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c031/test_c031.h
@@ -0,0 +1,31 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C031_CLIENT_TESTS_H_
+#define _TEST_C031_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_,c031)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c031_crypto_list[];
+
+int32_t psa_mac_abort_test(security_t caller);
+int32_t psa_mac_abort_before_finish_test(security_t caller);
+#endif /* _TEST_C031_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c031/test_data.h b/api-tests/dev_apis/crypto/test_c031/test_data.h
new file mode 100644
index 0000000..d7aa7fe
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c031/test_data.h
@@ -0,0 +1,66 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[64];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ psa_status_t expected_status;
+} test_data;
+
+static test_data check1[] = {
+{"Test psa_mac_abort HMAC SHA 224\n", 1, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
+ PSA_KEY_USAGE_SIGN, PSA_ALG_HMAC(PSA_ALG_SHA_224),
+ PSA_SUCCESS
+},
+
+{"Test psa_mac_abort HMAC SHA 256\n", 2, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
+ PSA_KEY_USAGE_SIGN, PSA_ALG_HMAC(PSA_ALG_SHA_256),
+ PSA_SUCCESS
+},
+
+{"Test psa_mac_abort HMAC SHA 512\n", 3, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
+ PSA_KEY_USAGE_SIGN, PSA_ALG_HMAC(PSA_ALG_SHA_512),
+ PSA_SUCCESS
+},
+
+{"Test psa_mac_abort HMAC SHA 224 (truncated to 8 Byte)\n", 4, PSA_KEY_TYPE_HMAC,
+{0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b}, 20,
+ PSA_KEY_USAGE_SIGN, PSA_ALG_TRUNCATED_MAC(PSA_ALG_HMAC(PSA_ALG_SHA_224), 8),
+ PSA_SUCCESS
+},
+
+{"Test psa_mac_abort CMAC AES 128\n", 5, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, 16,
+ PSA_KEY_USAGE_SIGN, PSA_ALG_CMAC,
+ PSA_SUCCESS
+},
+};
diff --git a/api-tests/dev_apis/crypto/test_c031/test_entry.c b/api-tests/dev_apis/crypto/test_c031/test_entry.c
new file mode 100644
index 0000000..bd97a0d
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c031/test_entry.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c031.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 31)
+#define TEST_DESC "Testing crypto MAC APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c031_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c032/source.mk b/api-tests/dev_apis/crypto/test_c032/source.mk
new file mode 100644
index 0000000..e098947
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c032/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c032.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c032/test_c032.c b/api-tests/dev_apis/crypto/test_c032/test_c032.c
new file mode 100644
index 0000000..0bf80f1
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c032/test_c032.c
@@ -0,0 +1,181 @@
+
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c032.h"
+#include "test_data.h"
+
+client_test_t test_c032_crypto_list[] = {
+ NULL,
+ psa_cipher_encrypt_setup_test,
+ psa_cipher_encrypt_setup_negative_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+static psa_cipher_operation_t operation;
+
+int32_t psa_cipher_encrypt_setup_test(security_t caller)
+{
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
+ uint8_t *key_data;
+ psa_key_policy_t policy;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+
+ if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
+ {
+ if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keypair;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keypair;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ else
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keydata;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keydata;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ }
+ else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
+ {
+ if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
+ key_data = ec_keypair;
+ else
+ key_data = ec_keydata;
+ }
+ else
+ key_data = check1[i].key_data;
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle,
+ &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
+ check1[i].key_type, key_data, check1[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Set the key for a multipart symmetric encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT_SETUP, &operation,
+ check1[i].key_handle, check1[i].key_alg);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
+
+ /* Abort a cipher operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_cipher_encrypt_setup_negative_test(security_t caller)
+{
+ int num_checks = sizeof(check2)/sizeof(check2[0]);
+ int32_t i, status;
+ psa_key_policy_t policy;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
+ check2[i].key_alg);
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_cipher_encrypt_setup - Invalid key handle\n",
+ g_test_count++);
+ /* Set the key for a multipart symmetric encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT_SETUP, &operation,
+ check2[i].key_handle, check2[i].key_alg);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_cipher_encrypt_setup - Zero as key handle\n",
+ g_test_count++);
+ /* Set the key for a multipart symmetric encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT_SETUP, &operation,
+ 0, check2[i].key_alg);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_cipher_encrypt_setup - Empty key handle\n",
+ g_test_count++);
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check2[i].key_type,
+ check2[i].key_length, &check2[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle,
+ &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ /* Set the key for a multipart symmetric encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT_SETUP, &operation,
+ check2[i].key_handle, check2[i].key_alg);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_EMPTY_SLOT, TEST_CHECKPOINT_NUM(7));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
diff --git a/api-tests/dev_apis/crypto/test_c032/test_c032.h b/api-tests/dev_apis/crypto/test_c032/test_c032.h
new file mode 100644
index 0000000..02a902c
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c032/test_c032.h
@@ -0,0 +1,31 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C032_CLIENT_TESTS_H_
+#define _TEST_C032_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_,c032)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c032_crypto_list[];
+
+int32_t psa_cipher_encrypt_setup_test(security_t caller);
+int32_t psa_cipher_encrypt_setup_negative_test(security_t caller);
+#endif /* _TEST_C032_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c032/test_data.h b/api-tests/dev_apis/crypto/test_c032/test_data.h
new file mode 100644
index 0000000..fbb4c4b
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c032/test_data.h
@@ -0,0 +1,280 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[64];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ size_t expected_bit_length;
+ psa_status_t expected_status;
+} test_data;
+
+static uint8_t rsa_384_keypair[1];
+static uint8_t rsa_384_keydata[1];
+
+static uint8_t rsa_256_keypair[] = {
+ 0x30, 0x82, 0x04, 0xA5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC0,
+ 0x95, 0x08, 0xE1, 0x57, 0x41, 0xF2, 0x71, 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27,
+ 0x01, 0x65, 0xC6, 0x45, 0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, 0x2F,
+ 0x4E, 0xD6, 0xF6, 0x1C, 0x88, 0xBC, 0x7C, 0x9F, 0xFB, 0xA8, 0x67, 0x7F, 0xFE,
+ 0x5C, 0x9C, 0x51, 0x75, 0xF7, 0x8A, 0xCA, 0x07, 0xE7, 0x35, 0x2F, 0x8F, 0xE1,
+ 0xBD, 0x7B, 0xC0, 0x2F, 0x7C, 0xAB, 0x64, 0xA8, 0x17, 0xFC, 0xCA, 0x5D, 0x7B,
+ 0xBA, 0xE0, 0x21, 0xE5, 0x72, 0x2E, 0x6F, 0x2E, 0x86, 0xD8, 0x95, 0x73, 0xDA,
+ 0xAC, 0x1B, 0x53, 0xB9, 0x5F, 0x3F, 0xD7, 0x19, 0x0D, 0x25, 0x4F, 0xE1, 0x63,
+ 0x63, 0x51, 0x8B, 0x0B, 0x64, 0x3F, 0xAD, 0x43, 0xB8, 0xA5, 0x1C, 0x5C, 0x34,
+ 0xB3, 0xAE, 0x00, 0xA0, 0x63, 0xC5, 0xF6, 0x7F, 0x0B, 0x59, 0x68, 0x78, 0x73,
+ 0xA6, 0x8C, 0x18, 0xA9, 0x02, 0x6D, 0xAF, 0xC3, 0x19, 0x01, 0x2E, 0xB8, 0x10,
+ 0xE3, 0xC6, 0xCC, 0x40, 0xB4, 0x69, 0xA3, 0x46, 0x33, 0x69, 0x87, 0x6E, 0xC4,
+ 0xBB, 0x17, 0xA6, 0xF3, 0xE8, 0xDD, 0xAD, 0x73, 0xBC, 0x7B, 0x2F, 0x21, 0xB5,
+ 0xFD, 0x66, 0x51, 0x0C, 0xBD, 0x54, 0xB3, 0xE1, 0x6D, 0x5F, 0x1C, 0xBC, 0x23,
+ 0x73, 0xD1, 0x09, 0x03, 0x89, 0x14, 0xD2, 0x10, 0xB9, 0x64, 0xC3, 0x2A, 0xD0,
+ 0xA1, 0x96, 0x4A, 0xBC, 0xE1, 0xD4, 0x1A, 0x5B, 0xC7, 0xA0, 0xC0, 0xC1, 0x63,
+ 0x78, 0x0F, 0x44, 0x37, 0x30, 0x32, 0x96, 0x80, 0x32, 0x23, 0x95, 0xA1, 0x77,
+ 0xBA, 0x13, 0xD2, 0x97, 0x73, 0xE2, 0x5D, 0x25, 0xC9, 0x6A, 0x0D, 0xC3, 0x39,
+ 0x60, 0xA4, 0xB4, 0xB0, 0x69, 0x42, 0x42, 0x09, 0xE9, 0xD8, 0x08, 0xBC, 0x33,
+ 0x20, 0xB3, 0x58, 0x22, 0xA7, 0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61, 0x83, 0xC5,
+ 0xD2, 0x96, 0xDF, 0xD9, 0xD0, 0x4F, 0xAD, 0xD7, 0x02, 0x03, 0x01, 0x00, 0x01,
+ 0x02, 0x82, 0x01, 0x01, 0x00, 0x9A, 0xD0, 0x34, 0x0F, 0x52, 0x62, 0x05, 0x50,
+ 0x01, 0xEF, 0x9F, 0xED, 0x64, 0x6E, 0xC2, 0xC4, 0xDA, 0x1A, 0xF2, 0x84, 0xD7,
+ 0x92, 0x10, 0x48, 0x92, 0xC4, 0xE9, 0x6A, 0xEB, 0x8B, 0x75, 0x6C, 0xC6, 0x79,
+ 0x38, 0xF2, 0xC9, 0x72, 0x4A, 0x86, 0x64, 0x54, 0x95, 0x77, 0xCB, 0xC3, 0x9A,
+ 0x9D, 0xB7, 0xD4, 0x1D, 0xA4, 0x00, 0xC8, 0x9E, 0x4E, 0xE4, 0xDD, 0xC7, 0xBA,
+ 0x67, 0x16, 0xC1, 0x74, 0xBC, 0xA9, 0xD6, 0x94, 0x8F, 0x2B, 0x30, 0x1A, 0xFB,
+ 0xED, 0xDF, 0x21, 0x05, 0x23, 0xD9, 0x4A, 0x39, 0xBD, 0x98, 0x6B, 0x65, 0x9A,
+ 0xB8, 0xDC, 0xC4, 0x7D, 0xEE, 0xA6, 0x43, 0x15, 0x2E, 0x3D, 0xBE, 0x1D, 0x22,
+ 0x60, 0x2A, 0x73, 0x30, 0xD5, 0x3E, 0xD8, 0xA2, 0xAC, 0x86, 0x43, 0x2E, 0xC4,
+ 0xF5, 0x64, 0x5E, 0x3F, 0x89, 0x75, 0x0F, 0x11, 0xD8, 0x51, 0x25, 0x4E, 0x9F,
+ 0xD8, 0xAA, 0xA3, 0xCE, 0x60, 0xB3, 0xE2, 0x8A, 0xD9, 0x7E, 0x1B, 0xF0, 0x64,
+ 0xCA, 0x9A, 0x5B, 0x05, 0x0B, 0x5B, 0xAA, 0xCB, 0xE5, 0xE3, 0x3F, 0x6E, 0x32,
+ 0x22, 0x05, 0xF3, 0xD0, 0xFA, 0xEF, 0x74, 0x52, 0x81, 0xE2, 0x5F, 0x74, 0xD3,
+ 0xBD, 0xFF, 0x31, 0x83, 0x45, 0x75, 0xFA, 0x63, 0x7A, 0x97, 0x2E, 0xD6, 0xB6,
+ 0x19, 0xC6, 0x92, 0x26, 0xE4, 0x28, 0x06, 0x50, 0x50, 0x0E, 0x78, 0x2E, 0xA9,
+ 0x78, 0x0D, 0x14, 0x97, 0xB4, 0x12, 0xD8, 0x31, 0x40, 0xAB, 0xA1, 0x01, 0x41,
+ 0xC2, 0x30, 0xF8, 0x07, 0x5F, 0x16, 0xE4, 0x61, 0x77, 0xD2, 0x60, 0xF2, 0x9F,
+ 0x8D, 0xE8, 0xF4, 0xBA, 0xEB, 0x63, 0xDE, 0x2A, 0x97, 0x81, 0xEF, 0x4C, 0x6C,
+ 0xE6, 0x55, 0x34, 0x51, 0x2B, 0x28, 0x34, 0xF4, 0x53, 0x1C, 0xC4, 0x58, 0x0A,
+ 0x3F, 0xBB, 0xAF, 0xB5, 0xF7, 0x4A, 0x85, 0x43, 0x2D, 0x3C, 0xF1, 0x58, 0x58,
+ 0x81, 0x02, 0x81, 0x81, 0x00, 0xF2, 0x2C, 0x54, 0x76, 0x39, 0x23, 0x63, 0xC9,
+ 0x10, 0x32, 0xB7, 0x93, 0xAD, 0xAF, 0xBE, 0x19, 0x75, 0x96, 0x81, 0x64, 0xE6,
+ 0xB5, 0xB8, 0x89, 0x42, 0x41, 0xD1, 0x6D, 0xD0, 0x1C, 0x1B, 0xF8, 0x1B, 0xAC,
+ 0x69, 0xCB, 0x36, 0x3C, 0x64, 0x7D, 0xDC, 0xF4, 0x19, 0xB8, 0xC3, 0x60, 0xB1,
+ 0x57, 0x48, 0x5F, 0x52, 0x4F, 0x59, 0x3A, 0x55, 0x7F, 0x32, 0xC0, 0x19, 0x43,
+ 0x50, 0x3F, 0xAE, 0xCE, 0x6F, 0x17, 0xF3, 0x0E, 0x9F, 0x40, 0xCA, 0x4E, 0xAD,
+ 0x15, 0x3B, 0xC9, 0x79, 0xE9, 0xC0, 0x59, 0x38, 0x73, 0x70, 0x9C, 0x0A, 0x7C,
+ 0xC9, 0x3A, 0x48, 0x32, 0xA7, 0xD8, 0x49, 0x75, 0x0A, 0x85, 0xC2, 0xC2, 0xFD,
+ 0x15, 0x73, 0xDA, 0x99, 0x09, 0x2A, 0x69, 0x9A, 0x9F, 0x0A, 0x71, 0xBF, 0xB0,
+ 0x04, 0xA6, 0x8C, 0x7A, 0x5A, 0x6F, 0x48, 0x5A, 0x54, 0x3B, 0xC6, 0xB1, 0x53,
+ 0x17, 0xDF, 0xE7, 0x02, 0x81, 0x81, 0x00, 0xCB, 0x93, 0xDE, 0x77, 0x15, 0x5D,
+ 0xB7, 0x5C, 0x5C, 0x7C, 0xD8, 0x90, 0xA9, 0x98, 0x2D, 0xD6, 0x69, 0x0E, 0x63,
+ 0xB3, 0xA3, 0xDC, 0xA6, 0xCC, 0x8B, 0x6A, 0xA4, 0xA2, 0x12, 0x8C, 0x8E, 0x7B,
+ 0x48, 0x2C, 0xB2, 0x4B, 0x37, 0xDC, 0x06, 0x18, 0x7D, 0xEA, 0xFE, 0x76, 0xA1,
+ 0xD4, 0xA1, 0xE9, 0x3F, 0x0D, 0xCD, 0x1B, 0x5F, 0xAF, 0x5F, 0x9E, 0x96, 0x5B,
+ 0x5B, 0x0F, 0xA1, 0x7C, 0xAF, 0xB3, 0x9B, 0x90, 0xDB, 0x57, 0x73, 0x3A, 0xED,
+ 0xB0, 0x23, 0x44, 0xAE, 0x41, 0x4F, 0x1F, 0x07, 0x42, 0x13, 0x23, 0x4C, 0xCB,
+ 0xFA, 0xF4, 0x14, 0xA4, 0xD5, 0xF7, 0x9E, 0x36, 0x7C, 0x5B, 0x9F, 0xA8, 0x3C,
+ 0xC1, 0x85, 0x5F, 0x74, 0xD2, 0x39, 0x2D, 0xFF, 0xD0, 0x84, 0xDF, 0xFB, 0xB3,
+ 0x20, 0x7A, 0x2E, 0x9B, 0x17, 0xAE, 0xE6, 0xBA, 0x0B, 0xAE, 0x5F, 0x53, 0xA4,
+ 0x52, 0xED, 0x1B, 0xC4, 0x91, 0x02, 0x81, 0x81, 0x00, 0xEC, 0x98, 0xDA, 0xBB,
+ 0xD5, 0xFE, 0xF9, 0x52, 0x4A, 0x7D, 0x02, 0x55, 0x49, 0x6F, 0x55, 0x6E, 0x52,
+ 0x2F, 0x84, 0xA3, 0x2B, 0xB3, 0x86, 0x62, 0xB3, 0x54, 0xD2, 0x63, 0x52, 0xDA,
+ 0xE3, 0x88, 0x76, 0xA0, 0xEF, 0x8B, 0x15, 0xA5, 0xD3, 0x18, 0x14, 0x72, 0x77,
+ 0x5E, 0xC7, 0xA3, 0x04, 0x1F, 0x9E, 0x19, 0x62, 0xB5, 0x1B, 0x1B, 0x9E, 0xC3,
+ 0xF2, 0xB5, 0x32, 0xF9, 0x4C, 0xC1, 0xAA, 0xEB, 0x0C, 0x26, 0x7D, 0xD4, 0x5F,
+ 0x4A, 0x51, 0x5C, 0xA4, 0x45, 0x06, 0x70, 0x44, 0xA7, 0x56, 0xC0, 0xD4, 0x22,
+ 0x14, 0x76, 0x9E, 0xD8, 0x63, 0x50, 0x89, 0x90, 0xD3, 0xE2, 0xBF, 0x81, 0x95,
+ 0x92, 0x31, 0x41, 0x87, 0x39, 0x1A, 0x43, 0x0B, 0x18, 0xA5, 0x53, 0x1F, 0x39,
+ 0x1A, 0x5F, 0x1F, 0x43, 0xBC, 0x87, 0x6A, 0xDF, 0x6E, 0xD3, 0x22, 0x00, 0xFE,
+ 0x22, 0x98, 0x70, 0x4E, 0x1A, 0x19, 0x29, 0x02, 0x81, 0x81, 0x00, 0x8A, 0x41,
+ 0x56, 0x28, 0x51, 0x9E, 0x5F, 0xD4, 0x9E, 0x0B, 0x3B, 0x98, 0xA3, 0x54, 0xF2,
+ 0x6C, 0x56, 0xD4, 0xAA, 0xE9, 0x69, 0x33, 0x85, 0x24, 0x0C, 0xDA, 0xD4, 0x0C,
+ 0x2D, 0xC4, 0xBF, 0x4F, 0x02, 0x69, 0x38, 0x7C, 0xD4, 0xE6, 0xDC, 0x4C, 0xED,
+ 0xD7, 0x16, 0x11, 0xC3, 0x3E, 0x00, 0xE7, 0xC3, 0x26, 0xC0, 0x51, 0x02, 0xDE,
+ 0xBB, 0x75, 0x9C, 0x6F, 0x56, 0x9C, 0x7A, 0xF3, 0x8E, 0xEF, 0xCF, 0x8A, 0xC5,
+ 0x2B, 0xD2, 0xDA, 0x06, 0x6A, 0x44, 0xC9, 0x73, 0xFE, 0x6E, 0x99, 0x87, 0xF8,
+ 0x5B, 0xBE, 0xF1, 0x7C, 0xE6, 0x65, 0xB5, 0x4F, 0x6C, 0xF0, 0xC9, 0xC5, 0xFF,
+ 0x16, 0xCA, 0x8B, 0x1B, 0x17, 0xE2, 0x58, 0x3D, 0xA2, 0x37, 0xAB, 0x01, 0xBC,
+ 0xBF, 0x40, 0xCE, 0x53, 0x8C, 0x8E, 0xED, 0xEF, 0xEE, 0x59, 0x9D, 0xE0, 0x63,
+ 0xE6, 0x7C, 0x5E, 0xF5, 0x8E, 0x4B, 0xF1, 0x3B, 0xC1, 0x02, 0x81, 0x80, 0x4D,
+ 0x45, 0xF9, 0x40, 0x8C, 0xC5, 0x5B, 0xF4, 0x2A, 0x1A, 0x8A, 0xB4, 0xF2, 0x1C,
+ 0xAC, 0x6B, 0xE9, 0x0C, 0x56, 0x36, 0xB7, 0x4E, 0x72, 0x96, 0xD5, 0xE5, 0x8A,
+ 0xD2, 0xE2, 0xFF, 0xF1, 0xF1, 0x18, 0x13, 0x3D, 0x86, 0x09, 0xB8, 0xD8, 0x76,
+ 0xA7, 0xC9, 0x1C, 0x71, 0x52, 0x94, 0x30, 0x43, 0xE0, 0xF1, 0x78, 0x74, 0xFD,
+ 0x61, 0x1B, 0x4C, 0x09, 0xCC, 0xE6, 0x68, 0x2A, 0x71, 0xAD, 0x1C, 0xDF, 0x43,
+ 0xBC, 0x56, 0xDB, 0xA5, 0xA4, 0xBE, 0x35, 0x70, 0xA4, 0x5E, 0xCF, 0x4F, 0xFC,
+ 0x00, 0x55, 0x99, 0x3A, 0x3D, 0x23, 0xCF, 0x67, 0x5A, 0xF5, 0x22, 0xF8, 0xB5,
+ 0x29, 0xD0, 0x44, 0x11, 0xEB, 0x35, 0x2E, 0x46, 0xBE, 0xFD, 0x8E, 0x18, 0xB2,
+ 0x5F, 0xA8, 0xBF, 0x19, 0x32, 0xA1, 0xF5, 0xDC, 0x03, 0xE6, 0x7C, 0x9A, 0x1F,
+ 0x0C, 0x7C, 0xA9, 0xB0, 0x0E, 0x21, 0x37, 0x3B, 0xF1, 0xB0};
+
+static uint8_t rsa_256_keydata[] = {
+ 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
+ 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A,
+ 0x02, 0x82, 0x01, 0x01, 0x00, 0xDB, 0x1C, 0x7F, 0x2E, 0x0B, 0xCD, 0xBF, 0xCE, 0xD1,
+ 0x75, 0x10, 0xA0, 0xA2, 0xB8, 0xCE, 0x7D, 0xAA, 0xE2, 0x05, 0xE0, 0x7A, 0xD8, 0x44,
+ 0x63, 0x8F, 0xB5, 0xBD, 0xC0, 0xB0, 0x19, 0xB9, 0x37, 0xB8, 0x19, 0x4A, 0x0E, 0xF1,
+ 0x5D, 0x74, 0x80, 0x67, 0x46, 0x87, 0x06, 0xDE, 0x5B, 0x7F, 0x06, 0x03, 0xBD, 0xC1,
+ 0x8D, 0x5E, 0x07, 0x15, 0xD4, 0x5B, 0xF4, 0xDC, 0xE5, 0xCF, 0x3D, 0xF9, 0xC1, 0x11,
+ 0x2C, 0xAE, 0x6A, 0xB9, 0x8A, 0xBD, 0x1D, 0x67, 0x66, 0x17, 0xEA, 0x4E, 0xBD, 0xDB,
+ 0x15, 0x9A, 0x82, 0x87, 0xE4, 0xF0, 0x78, 0xC3, 0xA3, 0x85, 0x87, 0xB0, 0xFD, 0x9F,
+ 0xA9, 0x99, 0x5F, 0xE3, 0x33, 0xEC, 0xCC, 0xEA, 0x0B, 0xB5, 0x61, 0x5E, 0xF1, 0x49,
+ 0x7E, 0x3F, 0xA3, 0x2D, 0xEA, 0x01, 0x0C, 0xCC, 0x42, 0x9A, 0x76, 0x9B, 0xC4, 0xD0,
+ 0x37, 0xD3, 0xB1, 0x17, 0x01, 0x61, 0x01, 0x16, 0x59, 0x7E, 0x1C, 0x17, 0xC3, 0x53,
+ 0xFD, 0xD1, 0x72, 0xCB, 0x4C, 0x60, 0x15, 0xDA, 0x7D, 0xE2, 0xEA, 0xAD, 0x50, 0xEF,
+ 0x8E, 0xE2, 0x8B, 0xD4, 0x6A, 0x77, 0x55, 0xD6, 0x70, 0xD9, 0x6B, 0xBB, 0xF1, 0xEE,
+ 0x39, 0x04, 0x38, 0xA3, 0xBD, 0xE2, 0xD1, 0xE0, 0x66, 0x6B, 0xE2, 0x9C, 0x47, 0x99,
+ 0xE9, 0x28, 0xE6, 0xB6, 0xFC, 0x2E, 0xCA, 0x67, 0x43, 0x84, 0xE8, 0xD5, 0x83, 0xD6,
+ 0x9D, 0x98, 0x6B, 0x01, 0x3E, 0x81, 0xDC, 0x3C, 0x7A, 0xCA, 0xF9, 0xF3, 0x9C, 0xF7,
+ 0xD6, 0x28, 0x1B, 0x27, 0x78, 0x7C, 0xC3, 0xD0, 0xD5, 0x63, 0xA7, 0x81, 0x34, 0x89,
+ 0xAD, 0x25, 0x6A, 0xBD, 0xF2, 0xEA, 0xED, 0xFA, 0x57, 0xFC, 0xE5, 0x34, 0xC6, 0xC1,
+ 0x0F, 0x71, 0x2D, 0xD2, 0x08, 0x10, 0x1B, 0xAD, 0x44, 0x41, 0xE0, 0xFE, 0x79, 0xA0,
+ 0x63, 0x93, 0x8A, 0xB1, 0x5D, 0xE9, 0xB0, 0xEE, 0x6F, 0x02, 0x03, 0x01, 0x00, 0x01};
+
+static uint8_t ec_keydata[] = {
+ 0x30, 0x49, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06,
+ 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x01, 0x03, 0x32, 0x00, 0x04, 0xBC,
+ 0x79, 0x7D, 0xB3, 0xAE, 0x7F, 0x08, 0xEC, 0x3D, 0x49, 0x6B, 0x4F, 0xB4, 0x11, 0xB3,
+ 0xF6, 0x20, 0xA5, 0x58, 0xA5, 0x01, 0xE0, 0x22, 0x2D, 0x08, 0xCF, 0xE0, 0xDC, 0x8A,
+ 0xEC, 0x8B, 0x1A, 0x7B, 0xF2, 0x4B, 0xE9, 0x29, 0x51, 0xCC, 0x5B, 0xA1, 0xBE, 0xBB,
+ 0x24, 0x74, 0x90, 0x9A, 0xE0};
+
+static uint8_t ec_keypair[] = {
+ 0x30, 0x5F, 0x02, 0x01, 0x01, 0x04, 0x18, 0x33, 0x8E, 0x86, 0xA8, 0x81, 0xE2, 0x38,
+ 0xF5, 0x49, 0xBD, 0x6F, 0x05, 0x53, 0x49, 0x4B, 0x73, 0xE3, 0xD6, 0x11, 0x30, 0xFD,
+ 0xC6, 0xC9, 0x6D, 0xA0, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01,
+ 0x01, 0xA1, 0x34, 0x03, 0x32, 0x00, 0x04, 0x51, 0x75, 0xBC, 0xDF, 0x30, 0xA3, 0x70,
+ 0xF3, 0x9D, 0x53, 0x93, 0xE6, 0x12, 0x72, 0x88, 0xD8, 0x01, 0x67, 0xB5, 0xF4, 0xB4,
+ 0xB7, 0x76, 0xC6, 0x74, 0xF7, 0xC6, 0xF3, 0x54, 0xB7, 0xD2, 0x24, 0x06, 0x2C, 0x1F,
+ 0x68, 0x54, 0xB5, 0xA7, 0xAF, 0x0F, 0xE5, 0x78, 0xEA, 0xF2, 0x58, 0xF0, 0x27};
+
+static test_data check1[] = {
+{"Test psa_cipher_encrypt_setup 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0xD0}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR, BYTES_TO_BITS(AES_16B_KEY_SIZE),
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_encrypt_setup 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
+{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
+ 0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9}, AES_24B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR, BYTES_TO_BITS(AES_24B_KEY_SIZE),
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_encrypt_setup 32 Byte AES\n", 3, PSA_KEY_TYPE_AES,
+{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
+ 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
+ 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE}, AES_32B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR, BYTES_TO_BITS(AES_32B_KEY_SIZE),
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_encrypt_setup DES 64 bit key\n", 4, PSA_KEY_TYPE_DES,
+ {0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
+ DES_8B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING, BYTES_TO_BITS(DES_8B_KEY_SIZE),
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_encrypt_setup Triple DES 2-Key\n", 5, PSA_KEY_TYPE_DES,
+{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+ DES3_2KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING, BYTES_TO_BITS(DES3_2KEY_SIZE),
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_encrypt_setup Triple DES 3-Key\n", 6, PSA_KEY_TYPE_DES,
+{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
+ 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
+ DES3_3KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING, BYTES_TO_BITS(DES3_3KEY_SIZE),
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_encrypt_setup 16 Byte raw data\n", 7, PSA_KEY_TYPE_RAW_DATA,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0xD0}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR, BYTES_TO_BITS(AES_16B_KEY_SIZE),
+ PSA_ERROR_NOT_SUPPORTED
+},
+
+{"Test psa_cipher_encrypt_setup - not a cipher algorithm\n", 8, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0xD0}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CMAC, BYTES_TO_BITS(AES_16B_KEY_SIZE),
+ PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_cipher_encrypt_setup - unknown cipher algorithm\n", 9, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0xD0}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CATEGORY_CIPHER, BYTES_TO_BITS(AES_16B_KEY_SIZE),
+ PSA_ERROR_NOT_SUPPORTED
+},
+
+{"Test psa_cipher_encrypt_setup - incompatible key ARC4\n", 10, PSA_KEY_TYPE_ARC4,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0xD0}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR, BYTES_TO_BITS(AES_16B_KEY_SIZE),
+ PSA_ERROR_NOT_SUPPORTED
+},
+
+{"Test psa_cipher_encrypt_setup - incorrect usage\n", 11, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0xD0}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CTR, BYTES_TO_BITS(AES_16B_KEY_SIZE),
+ PSA_ERROR_NOT_PERMITTED
+},
+
+{"Test psa_cipher_encrypt_setup - RSA public key\n", 12, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+{0}, 294,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, 2048,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_cipher_encrypt_setup - RSA keypair\n", 13, PSA_KEY_TYPE_RSA_KEYPAIR,
+{0}, 1193,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, 2048,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_cipher_encrypt_setup - EC Public key\n", 14,
+ PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | PSA_ECC_CURVE_SECP192R1, {0}, 75,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION, 192,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_cipher_encrypt_setup - EC keypair\n", 15,
+ PSA_KEY_TYPE_ECC_KEYPAIR_BASE | PSA_ECC_CURVE_SECP192R1, {0}, 97,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION, 192,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+};
+
+static test_data check2[] = {
+{"Test psa_cipher_encrypt_setup negative cases\n", 16, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0xD0}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR, BYTES_TO_BITS(AES_16B_KEY_SIZE),
+ PSA_SUCCESS
+},
+};
diff --git a/api-tests/dev_apis/crypto/test_c032/test_entry.c b/api-tests/dev_apis/crypto/test_c032/test_entry.c
new file mode 100644
index 0000000..1ff8b8e
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c032/test_entry.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c032.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 32)
+#define TEST_DESC "Testing crypto symmetric cipher APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c032_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c033/source.mk b/api-tests/dev_apis/crypto/test_c033/source.mk
new file mode 100644
index 0000000..22c93a6
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c033/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c033.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c033/test_c033.c b/api-tests/dev_apis/crypto/test_c033/test_c033.c
new file mode 100644
index 0000000..4d1055f
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c033/test_c033.c
@@ -0,0 +1,181 @@
+
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c033.h"
+#include "test_data.h"
+
+client_test_t test_c033_crypto_list[] = {
+ NULL,
+ psa_cipher_decrypt_setup_test,
+ psa_cipher_decrypt_setup_negative_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+static psa_cipher_operation_t operation;
+
+int32_t psa_cipher_decrypt_setup_test(security_t caller)
+{
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
+ uint8_t *key_data;
+ psa_key_policy_t policy;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+
+ if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
+ {
+ if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keypair;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keypair;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ else
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keydata;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keydata;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ }
+ else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
+ {
+ if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
+ key_data = ec_keypair;
+ else
+ key_data = ec_keydata;
+ }
+ else
+ key_data = check1[i].key_data;
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle,
+ &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
+ check1[i].key_type, key_data, check1[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Set the key for a multipart symmetric decryption operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_DECRYPT_SETUP, &operation,
+ check1[i].key_handle, check1[i].key_alg);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
+
+ /* Abort a cipher operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_cipher_decrypt_setup_negative_test(security_t caller)
+{
+ int num_checks = sizeof(check2)/sizeof(check2[0]);
+ int32_t i, status;
+ psa_key_policy_t policy;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
+ check2[i].key_alg);
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_cipher_decrypt_setup - Invalid key handle\n",
+ g_test_count++);
+ /* Set the key for a multipart symmetric decryption operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_DECRYPT_SETUP, &operation,
+ check2[i].key_handle, check2[i].key_alg);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_cipher_decrypt_setup - Zero as key handle\n",
+ g_test_count++);
+ /* Set the key for a multipart symmetric decryption operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_DECRYPT_SETUP, &operation,
+ 0, check2[i].key_alg);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_cipher_decrypt_setup - Empty key handle\n",
+ g_test_count++);
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check2[i].key_type,
+ check2[i].key_length, &check2[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle,
+ &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ /* Set the key for a multipart symmetric decryption operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_DECRYPT_SETUP, &operation,
+ check2[i].key_handle, check2[i].key_alg);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_EMPTY_SLOT, TEST_CHECKPOINT_NUM(7));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
diff --git a/api-tests/dev_apis/crypto/test_c033/test_c033.h b/api-tests/dev_apis/crypto/test_c033/test_c033.h
new file mode 100644
index 0000000..7a0befb
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c033/test_c033.h
@@ -0,0 +1,31 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C033_CLIENT_TESTS_H_
+#define _TEST_C033_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_,c033)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c033_crypto_list[];
+
+int32_t psa_cipher_decrypt_setup_test(security_t caller);
+int32_t psa_cipher_decrypt_setup_negative_test(security_t caller);
+#endif /* _TEST_C033_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c033/test_data.h b/api-tests/dev_apis/crypto/test_c033/test_data.h
new file mode 100644
index 0000000..66e985a
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c033/test_data.h
@@ -0,0 +1,282 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+#define EMPTY_KEY_SLOT 31
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[64];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ size_t expected_bit_length;
+ psa_status_t expected_status;
+} test_data;
+
+static uint8_t rsa_384_keypair[1];
+static uint8_t rsa_384_keydata[1];
+
+static uint8_t rsa_256_keypair[] = {
+ 0x30, 0x82, 0x04, 0xA5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC0,
+ 0x95, 0x08, 0xE1, 0x57, 0x41, 0xF2, 0x71, 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27,
+ 0x01, 0x65, 0xC6, 0x45, 0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, 0x2F,
+ 0x4E, 0xD6, 0xF6, 0x1C, 0x88, 0xBC, 0x7C, 0x9F, 0xFB, 0xA8, 0x67, 0x7F, 0xFE,
+ 0x5C, 0x9C, 0x51, 0x75, 0xF7, 0x8A, 0xCA, 0x07, 0xE7, 0x35, 0x2F, 0x8F, 0xE1,
+ 0xBD, 0x7B, 0xC0, 0x2F, 0x7C, 0xAB, 0x64, 0xA8, 0x17, 0xFC, 0xCA, 0x5D, 0x7B,
+ 0xBA, 0xE0, 0x21, 0xE5, 0x72, 0x2E, 0x6F, 0x2E, 0x86, 0xD8, 0x95, 0x73, 0xDA,
+ 0xAC, 0x1B, 0x53, 0xB9, 0x5F, 0x3F, 0xD7, 0x19, 0x0D, 0x25, 0x4F, 0xE1, 0x63,
+ 0x63, 0x51, 0x8B, 0x0B, 0x64, 0x3F, 0xAD, 0x43, 0xB8, 0xA5, 0x1C, 0x5C, 0x34,
+ 0xB3, 0xAE, 0x00, 0xA0, 0x63, 0xC5, 0xF6, 0x7F, 0x0B, 0x59, 0x68, 0x78, 0x73,
+ 0xA6, 0x8C, 0x18, 0xA9, 0x02, 0x6D, 0xAF, 0xC3, 0x19, 0x01, 0x2E, 0xB8, 0x10,
+ 0xE3, 0xC6, 0xCC, 0x40, 0xB4, 0x69, 0xA3, 0x46, 0x33, 0x69, 0x87, 0x6E, 0xC4,
+ 0xBB, 0x17, 0xA6, 0xF3, 0xE8, 0xDD, 0xAD, 0x73, 0xBC, 0x7B, 0x2F, 0x21, 0xB5,
+ 0xFD, 0x66, 0x51, 0x0C, 0xBD, 0x54, 0xB3, 0xE1, 0x6D, 0x5F, 0x1C, 0xBC, 0x23,
+ 0x73, 0xD1, 0x09, 0x03, 0x89, 0x14, 0xD2, 0x10, 0xB9, 0x64, 0xC3, 0x2A, 0xD0,
+ 0xA1, 0x96, 0x4A, 0xBC, 0xE1, 0xD4, 0x1A, 0x5B, 0xC7, 0xA0, 0xC0, 0xC1, 0x63,
+ 0x78, 0x0F, 0x44, 0x37, 0x30, 0x32, 0x96, 0x80, 0x32, 0x23, 0x95, 0xA1, 0x77,
+ 0xBA, 0x13, 0xD2, 0x97, 0x73, 0xE2, 0x5D, 0x25, 0xC9, 0x6A, 0x0D, 0xC3, 0x39,
+ 0x60, 0xA4, 0xB4, 0xB0, 0x69, 0x42, 0x42, 0x09, 0xE9, 0xD8, 0x08, 0xBC, 0x33,
+ 0x20, 0xB3, 0x58, 0x22, 0xA7, 0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61, 0x83, 0xC5,
+ 0xD2, 0x96, 0xDF, 0xD9, 0xD0, 0x4F, 0xAD, 0xD7, 0x02, 0x03, 0x01, 0x00, 0x01,
+ 0x02, 0x82, 0x01, 0x01, 0x00, 0x9A, 0xD0, 0x34, 0x0F, 0x52, 0x62, 0x05, 0x50,
+ 0x01, 0xEF, 0x9F, 0xED, 0x64, 0x6E, 0xC2, 0xC4, 0xDA, 0x1A, 0xF2, 0x84, 0xD7,
+ 0x92, 0x10, 0x48, 0x92, 0xC4, 0xE9, 0x6A, 0xEB, 0x8B, 0x75, 0x6C, 0xC6, 0x79,
+ 0x38, 0xF2, 0xC9, 0x72, 0x4A, 0x86, 0x64, 0x54, 0x95, 0x77, 0xCB, 0xC3, 0x9A,
+ 0x9D, 0xB7, 0xD4, 0x1D, 0xA4, 0x00, 0xC8, 0x9E, 0x4E, 0xE4, 0xDD, 0xC7, 0xBA,
+ 0x67, 0x16, 0xC1, 0x74, 0xBC, 0xA9, 0xD6, 0x94, 0x8F, 0x2B, 0x30, 0x1A, 0xFB,
+ 0xED, 0xDF, 0x21, 0x05, 0x23, 0xD9, 0x4A, 0x39, 0xBD, 0x98, 0x6B, 0x65, 0x9A,
+ 0xB8, 0xDC, 0xC4, 0x7D, 0xEE, 0xA6, 0x43, 0x15, 0x2E, 0x3D, 0xBE, 0x1D, 0x22,
+ 0x60, 0x2A, 0x73, 0x30, 0xD5, 0x3E, 0xD8, 0xA2, 0xAC, 0x86, 0x43, 0x2E, 0xC4,
+ 0xF5, 0x64, 0x5E, 0x3F, 0x89, 0x75, 0x0F, 0x11, 0xD8, 0x51, 0x25, 0x4E, 0x9F,
+ 0xD8, 0xAA, 0xA3, 0xCE, 0x60, 0xB3, 0xE2, 0x8A, 0xD9, 0x7E, 0x1B, 0xF0, 0x64,
+ 0xCA, 0x9A, 0x5B, 0x05, 0x0B, 0x5B, 0xAA, 0xCB, 0xE5, 0xE3, 0x3F, 0x6E, 0x32,
+ 0x22, 0x05, 0xF3, 0xD0, 0xFA, 0xEF, 0x74, 0x52, 0x81, 0xE2, 0x5F, 0x74, 0xD3,
+ 0xBD, 0xFF, 0x31, 0x83, 0x45, 0x75, 0xFA, 0x63, 0x7A, 0x97, 0x2E, 0xD6, 0xB6,
+ 0x19, 0xC6, 0x92, 0x26, 0xE4, 0x28, 0x06, 0x50, 0x50, 0x0E, 0x78, 0x2E, 0xA9,
+ 0x78, 0x0D, 0x14, 0x97, 0xB4, 0x12, 0xD8, 0x31, 0x40, 0xAB, 0xA1, 0x01, 0x41,
+ 0xC2, 0x30, 0xF8, 0x07, 0x5F, 0x16, 0xE4, 0x61, 0x77, 0xD2, 0x60, 0xF2, 0x9F,
+ 0x8D, 0xE8, 0xF4, 0xBA, 0xEB, 0x63, 0xDE, 0x2A, 0x97, 0x81, 0xEF, 0x4C, 0x6C,
+ 0xE6, 0x55, 0x34, 0x51, 0x2B, 0x28, 0x34, 0xF4, 0x53, 0x1C, 0xC4, 0x58, 0x0A,
+ 0x3F, 0xBB, 0xAF, 0xB5, 0xF7, 0x4A, 0x85, 0x43, 0x2D, 0x3C, 0xF1, 0x58, 0x58,
+ 0x81, 0x02, 0x81, 0x81, 0x00, 0xF2, 0x2C, 0x54, 0x76, 0x39, 0x23, 0x63, 0xC9,
+ 0x10, 0x32, 0xB7, 0x93, 0xAD, 0xAF, 0xBE, 0x19, 0x75, 0x96, 0x81, 0x64, 0xE6,
+ 0xB5, 0xB8, 0x89, 0x42, 0x41, 0xD1, 0x6D, 0xD0, 0x1C, 0x1B, 0xF8, 0x1B, 0xAC,
+ 0x69, 0xCB, 0x36, 0x3C, 0x64, 0x7D, 0xDC, 0xF4, 0x19, 0xB8, 0xC3, 0x60, 0xB1,
+ 0x57, 0x48, 0x5F, 0x52, 0x4F, 0x59, 0x3A, 0x55, 0x7F, 0x32, 0xC0, 0x19, 0x43,
+ 0x50, 0x3F, 0xAE, 0xCE, 0x6F, 0x17, 0xF3, 0x0E, 0x9F, 0x40, 0xCA, 0x4E, 0xAD,
+ 0x15, 0x3B, 0xC9, 0x79, 0xE9, 0xC0, 0x59, 0x38, 0x73, 0x70, 0x9C, 0x0A, 0x7C,
+ 0xC9, 0x3A, 0x48, 0x32, 0xA7, 0xD8, 0x49, 0x75, 0x0A, 0x85, 0xC2, 0xC2, 0xFD,
+ 0x15, 0x73, 0xDA, 0x99, 0x09, 0x2A, 0x69, 0x9A, 0x9F, 0x0A, 0x71, 0xBF, 0xB0,
+ 0x04, 0xA6, 0x8C, 0x7A, 0x5A, 0x6F, 0x48, 0x5A, 0x54, 0x3B, 0xC6, 0xB1, 0x53,
+ 0x17, 0xDF, 0xE7, 0x02, 0x81, 0x81, 0x00, 0xCB, 0x93, 0xDE, 0x77, 0x15, 0x5D,
+ 0xB7, 0x5C, 0x5C, 0x7C, 0xD8, 0x90, 0xA9, 0x98, 0x2D, 0xD6, 0x69, 0x0E, 0x63,
+ 0xB3, 0xA3, 0xDC, 0xA6, 0xCC, 0x8B, 0x6A, 0xA4, 0xA2, 0x12, 0x8C, 0x8E, 0x7B,
+ 0x48, 0x2C, 0xB2, 0x4B, 0x37, 0xDC, 0x06, 0x18, 0x7D, 0xEA, 0xFE, 0x76, 0xA1,
+ 0xD4, 0xA1, 0xE9, 0x3F, 0x0D, 0xCD, 0x1B, 0x5F, 0xAF, 0x5F, 0x9E, 0x96, 0x5B,
+ 0x5B, 0x0F, 0xA1, 0x7C, 0xAF, 0xB3, 0x9B, 0x90, 0xDB, 0x57, 0x73, 0x3A, 0xED,
+ 0xB0, 0x23, 0x44, 0xAE, 0x41, 0x4F, 0x1F, 0x07, 0x42, 0x13, 0x23, 0x4C, 0xCB,
+ 0xFA, 0xF4, 0x14, 0xA4, 0xD5, 0xF7, 0x9E, 0x36, 0x7C, 0x5B, 0x9F, 0xA8, 0x3C,
+ 0xC1, 0x85, 0x5F, 0x74, 0xD2, 0x39, 0x2D, 0xFF, 0xD0, 0x84, 0xDF, 0xFB, 0xB3,
+ 0x20, 0x7A, 0x2E, 0x9B, 0x17, 0xAE, 0xE6, 0xBA, 0x0B, 0xAE, 0x5F, 0x53, 0xA4,
+ 0x52, 0xED, 0x1B, 0xC4, 0x91, 0x02, 0x81, 0x81, 0x00, 0xEC, 0x98, 0xDA, 0xBB,
+ 0xD5, 0xFE, 0xF9, 0x52, 0x4A, 0x7D, 0x02, 0x55, 0x49, 0x6F, 0x55, 0x6E, 0x52,
+ 0x2F, 0x84, 0xA3, 0x2B, 0xB3, 0x86, 0x62, 0xB3, 0x54, 0xD2, 0x63, 0x52, 0xDA,
+ 0xE3, 0x88, 0x76, 0xA0, 0xEF, 0x8B, 0x15, 0xA5, 0xD3, 0x18, 0x14, 0x72, 0x77,
+ 0x5E, 0xC7, 0xA3, 0x04, 0x1F, 0x9E, 0x19, 0x62, 0xB5, 0x1B, 0x1B, 0x9E, 0xC3,
+ 0xF2, 0xB5, 0x32, 0xF9, 0x4C, 0xC1, 0xAA, 0xEB, 0x0C, 0x26, 0x7D, 0xD4, 0x5F,
+ 0x4A, 0x51, 0x5C, 0xA4, 0x45, 0x06, 0x70, 0x44, 0xA7, 0x56, 0xC0, 0xD4, 0x22,
+ 0x14, 0x76, 0x9E, 0xD8, 0x63, 0x50, 0x89, 0x90, 0xD3, 0xE2, 0xBF, 0x81, 0x95,
+ 0x92, 0x31, 0x41, 0x87, 0x39, 0x1A, 0x43, 0x0B, 0x18, 0xA5, 0x53, 0x1F, 0x39,
+ 0x1A, 0x5F, 0x1F, 0x43, 0xBC, 0x87, 0x6A, 0xDF, 0x6E, 0xD3, 0x22, 0x00, 0xFE,
+ 0x22, 0x98, 0x70, 0x4E, 0x1A, 0x19, 0x29, 0x02, 0x81, 0x81, 0x00, 0x8A, 0x41,
+ 0x56, 0x28, 0x51, 0x9E, 0x5F, 0xD4, 0x9E, 0x0B, 0x3B, 0x98, 0xA3, 0x54, 0xF2,
+ 0x6C, 0x56, 0xD4, 0xAA, 0xE9, 0x69, 0x33, 0x85, 0x24, 0x0C, 0xDA, 0xD4, 0x0C,
+ 0x2D, 0xC4, 0xBF, 0x4F, 0x02, 0x69, 0x38, 0x7C, 0xD4, 0xE6, 0xDC, 0x4C, 0xED,
+ 0xD7, 0x16, 0x11, 0xC3, 0x3E, 0x00, 0xE7, 0xC3, 0x26, 0xC0, 0x51, 0x02, 0xDE,
+ 0xBB, 0x75, 0x9C, 0x6F, 0x56, 0x9C, 0x7A, 0xF3, 0x8E, 0xEF, 0xCF, 0x8A, 0xC5,
+ 0x2B, 0xD2, 0xDA, 0x06, 0x6A, 0x44, 0xC9, 0x73, 0xFE, 0x6E, 0x99, 0x87, 0xF8,
+ 0x5B, 0xBE, 0xF1, 0x7C, 0xE6, 0x65, 0xB5, 0x4F, 0x6C, 0xF0, 0xC9, 0xC5, 0xFF,
+ 0x16, 0xCA, 0x8B, 0x1B, 0x17, 0xE2, 0x58, 0x3D, 0xA2, 0x37, 0xAB, 0x01, 0xBC,
+ 0xBF, 0x40, 0xCE, 0x53, 0x8C, 0x8E, 0xED, 0xEF, 0xEE, 0x59, 0x9D, 0xE0, 0x63,
+ 0xE6, 0x7C, 0x5E, 0xF5, 0x8E, 0x4B, 0xF1, 0x3B, 0xC1, 0x02, 0x81, 0x80, 0x4D,
+ 0x45, 0xF9, 0x40, 0x8C, 0xC5, 0x5B, 0xF4, 0x2A, 0x1A, 0x8A, 0xB4, 0xF2, 0x1C,
+ 0xAC, 0x6B, 0xE9, 0x0C, 0x56, 0x36, 0xB7, 0x4E, 0x72, 0x96, 0xD5, 0xE5, 0x8A,
+ 0xD2, 0xE2, 0xFF, 0xF1, 0xF1, 0x18, 0x13, 0x3D, 0x86, 0x09, 0xB8, 0xD8, 0x76,
+ 0xA7, 0xC9, 0x1C, 0x71, 0x52, 0x94, 0x30, 0x43, 0xE0, 0xF1, 0x78, 0x74, 0xFD,
+ 0x61, 0x1B, 0x4C, 0x09, 0xCC, 0xE6, 0x68, 0x2A, 0x71, 0xAD, 0x1C, 0xDF, 0x43,
+ 0xBC, 0x56, 0xDB, 0xA5, 0xA4, 0xBE, 0x35, 0x70, 0xA4, 0x5E, 0xCF, 0x4F, 0xFC,
+ 0x00, 0x55, 0x99, 0x3A, 0x3D, 0x23, 0xCF, 0x67, 0x5A, 0xF5, 0x22, 0xF8, 0xB5,
+ 0x29, 0xD0, 0x44, 0x11, 0xEB, 0x35, 0x2E, 0x46, 0xBE, 0xFD, 0x8E, 0x18, 0xB2,
+ 0x5F, 0xA8, 0xBF, 0x19, 0x32, 0xA1, 0xF5, 0xDC, 0x03, 0xE6, 0x7C, 0x9A, 0x1F,
+ 0x0C, 0x7C, 0xA9, 0xB0, 0x0E, 0x21, 0x37, 0x3B, 0xF1, 0xB0};
+
+static uint8_t rsa_256_keydata[] = {
+ 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
+ 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A,
+ 0x02, 0x82, 0x01, 0x01, 0x00, 0xDB, 0x1C, 0x7F, 0x2E, 0x0B, 0xCD, 0xBF, 0xCE, 0xD1,
+ 0x75, 0x10, 0xA0, 0xA2, 0xB8, 0xCE, 0x7D, 0xAA, 0xE2, 0x05, 0xE0, 0x7A, 0xD8, 0x44,
+ 0x63, 0x8F, 0xB5, 0xBD, 0xC0, 0xB0, 0x19, 0xB9, 0x37, 0xB8, 0x19, 0x4A, 0x0E, 0xF1,
+ 0x5D, 0x74, 0x80, 0x67, 0x46, 0x87, 0x06, 0xDE, 0x5B, 0x7F, 0x06, 0x03, 0xBD, 0xC1,
+ 0x8D, 0x5E, 0x07, 0x15, 0xD4, 0x5B, 0xF4, 0xDC, 0xE5, 0xCF, 0x3D, 0xF9, 0xC1, 0x11,
+ 0x2C, 0xAE, 0x6A, 0xB9, 0x8A, 0xBD, 0x1D, 0x67, 0x66, 0x17, 0xEA, 0x4E, 0xBD, 0xDB,
+ 0x15, 0x9A, 0x82, 0x87, 0xE4, 0xF0, 0x78, 0xC3, 0xA3, 0x85, 0x87, 0xB0, 0xFD, 0x9F,
+ 0xA9, 0x99, 0x5F, 0xE3, 0x33, 0xEC, 0xCC, 0xEA, 0x0B, 0xB5, 0x61, 0x5E, 0xF1, 0x49,
+ 0x7E, 0x3F, 0xA3, 0x2D, 0xEA, 0x01, 0x0C, 0xCC, 0x42, 0x9A, 0x76, 0x9B, 0xC4, 0xD0,
+ 0x37, 0xD3, 0xB1, 0x17, 0x01, 0x61, 0x01, 0x16, 0x59, 0x7E, 0x1C, 0x17, 0xC3, 0x53,
+ 0xFD, 0xD1, 0x72, 0xCB, 0x4C, 0x60, 0x15, 0xDA, 0x7D, 0xE2, 0xEA, 0xAD, 0x50, 0xEF,
+ 0x8E, 0xE2, 0x8B, 0xD4, 0x6A, 0x77, 0x55, 0xD6, 0x70, 0xD9, 0x6B, 0xBB, 0xF1, 0xEE,
+ 0x39, 0x04, 0x38, 0xA3, 0xBD, 0xE2, 0xD1, 0xE0, 0x66, 0x6B, 0xE2, 0x9C, 0x47, 0x99,
+ 0xE9, 0x28, 0xE6, 0xB6, 0xFC, 0x2E, 0xCA, 0x67, 0x43, 0x84, 0xE8, 0xD5, 0x83, 0xD6,
+ 0x9D, 0x98, 0x6B, 0x01, 0x3E, 0x81, 0xDC, 0x3C, 0x7A, 0xCA, 0xF9, 0xF3, 0x9C, 0xF7,
+ 0xD6, 0x28, 0x1B, 0x27, 0x78, 0x7C, 0xC3, 0xD0, 0xD5, 0x63, 0xA7, 0x81, 0x34, 0x89,
+ 0xAD, 0x25, 0x6A, 0xBD, 0xF2, 0xEA, 0xED, 0xFA, 0x57, 0xFC, 0xE5, 0x34, 0xC6, 0xC1,
+ 0x0F, 0x71, 0x2D, 0xD2, 0x08, 0x10, 0x1B, 0xAD, 0x44, 0x41, 0xE0, 0xFE, 0x79, 0xA0,
+ 0x63, 0x93, 0x8A, 0xB1, 0x5D, 0xE9, 0xB0, 0xEE, 0x6F, 0x02, 0x03, 0x01, 0x00, 0x01};
+
+static uint8_t ec_keydata[] = {
+ 0x30, 0x49, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06,
+ 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x01, 0x03, 0x32, 0x00, 0x04, 0xBC,
+ 0x79, 0x7D, 0xB3, 0xAE, 0x7F, 0x08, 0xEC, 0x3D, 0x49, 0x6B, 0x4F, 0xB4, 0x11, 0xB3,
+ 0xF6, 0x20, 0xA5, 0x58, 0xA5, 0x01, 0xE0, 0x22, 0x2D, 0x08, 0xCF, 0xE0, 0xDC, 0x8A,
+ 0xEC, 0x8B, 0x1A, 0x7B, 0xF2, 0x4B, 0xE9, 0x29, 0x51, 0xCC, 0x5B, 0xA1, 0xBE, 0xBB,
+ 0x24, 0x74, 0x90, 0x9A, 0xE0};
+
+static uint8_t ec_keypair[] = {
+ 0x30, 0x5F, 0x02, 0x01, 0x01, 0x04, 0x18, 0x33, 0x8E, 0x86, 0xA8, 0x81, 0xE2, 0x38,
+ 0xF5, 0x49, 0xBD, 0x6F, 0x05, 0x53, 0x49, 0x4B, 0x73, 0xE3, 0xD6, 0x11, 0x30, 0xFD,
+ 0xC6, 0xC9, 0x6D, 0xA0, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01,
+ 0x01, 0xA1, 0x34, 0x03, 0x32, 0x00, 0x04, 0x51, 0x75, 0xBC, 0xDF, 0x30, 0xA3, 0x70,
+ 0xF3, 0x9D, 0x53, 0x93, 0xE6, 0x12, 0x72, 0x88, 0xD8, 0x01, 0x67, 0xB5, 0xF4, 0xB4,
+ 0xB7, 0x76, 0xC6, 0x74, 0xF7, 0xC6, 0xF3, 0x54, 0xB7, 0xD2, 0x24, 0x06, 0x2C, 0x1F,
+ 0x68, 0x54, 0xB5, 0xA7, 0xAF, 0x0F, 0xE5, 0x78, 0xEA, 0xF2, 0x58, 0xF0, 0x27};
+
+static test_data check1[] = {
+{"Test psa_cipher_decrypt_setup 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0xD0}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CTR, BYTES_TO_BITS(AES_16B_KEY_SIZE),
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_decrypt_setup 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
+{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
+ 0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9}, AES_24B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CTR, BYTES_TO_BITS(AES_24B_KEY_SIZE),
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_decrypt_setup 32 Byte AES\n", 3, PSA_KEY_TYPE_AES,
+{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
+ 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
+ 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE}, AES_32B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CTR, BYTES_TO_BITS(AES_32B_KEY_SIZE),
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_decrypt_setup DES 64 bit key\n", 4, PSA_KEY_TYPE_DES,
+ {0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
+ DES_8B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_CBC_NO_PADDING, BYTES_TO_BITS(DES_8B_KEY_SIZE),
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_decrypt_setup Triple DES 2-Key\n", 5, PSA_KEY_TYPE_DES,
+{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+ DES3_2KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_CBC_NO_PADDING, BYTES_TO_BITS(DES3_2KEY_SIZE),
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_decrypt_setup Triple DES 3-Key\n", 6, PSA_KEY_TYPE_DES,
+{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
+ 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
+ DES3_3KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_CBC_NO_PADDING, BYTES_TO_BITS(DES3_3KEY_SIZE),
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_decrypt_setup 16 Byte raw data\n", 7, PSA_KEY_TYPE_RAW_DATA,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0xD0}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CTR, BYTES_TO_BITS(AES_16B_KEY_SIZE),
+ PSA_ERROR_NOT_SUPPORTED
+},
+
+{"Test psa_cipher_decrypt_setup - not a cipher algorithm\n", 8, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0xD0}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CMAC, BYTES_TO_BITS(AES_16B_KEY_SIZE),
+ PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_cipher_decrypt_setup - unknown cipher algorithm\n", 9, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0xD0}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CATEGORY_CIPHER, BYTES_TO_BITS(AES_16B_KEY_SIZE),
+ PSA_ERROR_NOT_SUPPORTED
+},
+
+{"Test psa_cipher_decrypt_setup - incompatible key ARC4\n", 10, PSA_KEY_TYPE_ARC4,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0xD0}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CTR, BYTES_TO_BITS(AES_16B_KEY_SIZE),
+ PSA_ERROR_NOT_SUPPORTED
+},
+
+{"Test psa_cipher_decrypt_setup - incorrect usage\n", 11, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0xD0}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR, BYTES_TO_BITS(AES_16B_KEY_SIZE),
+ PSA_ERROR_NOT_PERMITTED
+},
+
+{"Test psa_cipher_decrypt_setup - RSA public key\n", 12, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+{0}, 294,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, 2048,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_cipher_decrypt_setup - RSA keypair\n", 13, PSA_KEY_TYPE_RSA_KEYPAIR,
+{0}, 1193,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW, 2048,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_cipher_decrypt_setup - EC Public key\n", 14,
+ PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | PSA_ECC_CURVE_SECP192R1, {0}, 75,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_RSA_PKCS1V15_CRYPT, 192,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_cipher_decrypt_setup - EC keypair\n", 15,
+ PSA_KEY_TYPE_ECC_KEYPAIR_BASE | PSA_ECC_CURVE_SECP192R1, {0}, 97,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_RSA_PKCS1V15_CRYPT, 192,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+};
+
+static test_data check2[] = {
+{"Test psa_cipher_decrypt_setup - negative test\n", 16, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0xD0}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CTR, BYTES_TO_BITS(AES_16B_KEY_SIZE),
+ PSA_SUCCESS
+},
+};
diff --git a/api-tests/dev_apis/crypto/test_c033/test_entry.c b/api-tests/dev_apis/crypto/test_c033/test_entry.c
new file mode 100644
index 0000000..a979d30
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c033/test_entry.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c033.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 33)
+#define TEST_DESC "Testing crypto symmetric cipher APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c033_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c034/source.mk b/api-tests/dev_apis/crypto/test_c034/source.mk
new file mode 100644
index 0000000..cfb15f5
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c034/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c034.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c034/test_c034.c b/api-tests/dev_apis/crypto/test_c034/test_c034.c
new file mode 100644
index 0000000..66059ea
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c034/test_c034.c
@@ -0,0 +1,123 @@
+
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c034.h"
+#include "test_data.h"
+
+
+client_test_t test_c034_crypto_list[] = {
+ NULL,
+ psa_cipher_generate_iv_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+
+int32_t psa_cipher_generate_iv_test(security_t caller)
+{
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ uint32_t i, j, iv_sum;
+ uint8_t iv[32];
+ size_t iv_length;
+ psa_key_policy_t policy;
+ psa_cipher_operation_t operation;
+ int32_t status;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle,
+ &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
+ check1[i].key_type, check1[i].key_data, check1[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Set the key for a multipart symmetric encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT_SETUP, &operation,
+ check1[i].key_handle, check1[i].key_alg);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ /* Generate an IV for a symmetric encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_GENERATE_IV, &operation, iv,
+ check1[i].iv_size, &iv_length);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(7));
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ {
+ /* Abort a cipher operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+ continue;
+ }
+
+ /* Check that if generated iv length match the expected length */
+ TEST_ASSERT_EQUAL(iv_length, check1[i].expected_iv_length, TEST_CHECKPOINT_NUM(9));
+
+ iv_sum = 0;
+ for (j = 0; j < iv_length; j++)
+ {
+ iv_sum += iv[j];
+ }
+
+ /* Check that if generated iv are zero */
+ TEST_ASSERT_NOT_EQUAL(iv_sum, 0, TEST_CHECKPOINT_NUM(10));
+
+ /* Generating an IV for a symmetric encryption operation using the same operator
+ * should fail
+ */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_GENERATE_IV, &operation, iv,
+ check1[i].iv_size, &iv_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(11));
+
+ /* Abort a cipher operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(12));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c034/test_c034.h b/api-tests/dev_apis/crypto/test_c034/test_c034.h
new file mode 100644
index 0000000..3d1211a
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c034/test_c034.h
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C034_CLIENT_TESTS_H_
+#define _TEST_C034_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_,c034)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c034_crypto_list[];
+
+int32_t psa_cipher_generate_iv_test(security_t caller);
+#endif /* _TEST_C034_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c034/test_data.h b/api-tests/dev_apis/crypto/test_c034/test_data.h
new file mode 100644
index 0000000..98822f8
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c034/test_data.h
@@ -0,0 +1,107 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[32];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ size_t iv_size;
+ size_t expected_iv_length;
+ psa_status_t expected_status;
+} test_data;
+
+static test_data check1[] = {
+{"Test psa_cipher_generate_iv 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0xD0}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR, 16, 16,
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_generate_iv 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
+{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
+ 0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9}, AES_24B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR, 16, 16,
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_generate_iv 32 Byte AES\n", 3, PSA_KEY_TYPE_AES,
+{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
+ 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
+ 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE}, AES_32B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR, 16, 16,
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_generate_iv DES 64 bit key\n", 4, PSA_KEY_TYPE_DES,
+ {0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
+ DES_8B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING,
+ 8, 8,
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_generate_iv Triple DES 2-Key\n", 5, PSA_KEY_TYPE_DES,
+{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+ DES3_2KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING,
+ 8, 8,
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_generate_iv Triple DES 3-Key\n", 6, PSA_KEY_TYPE_DES,
+{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
+ 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
+ DES3_3KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING,
+ 8, 8,
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_generate_iv AES - small iv buffer\n", 7, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0xD0}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR, 8, 16,
+ PSA_ERROR_BUFFER_TOO_SMALL
+},
+
+{"Test psa_cipher_generate_iv DES - small iv buffer\n", 8, PSA_KEY_TYPE_DES,
+ {0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
+ DES_8B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING,
+ 4, 8,
+ PSA_ERROR_BUFFER_TOO_SMALL
+},
+
+{"Test psa_cipher_generate_iv AES - large iv buffer\n", 9, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0xD0}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR, 32, 16,
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_generate_iv DES - large iv buffer\n", 10, PSA_KEY_TYPE_DES,
+ {0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
+ DES_8B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING,
+ 16, 8,
+ PSA_SUCCESS
+},
+};
diff --git a/api-tests/dev_apis/crypto/test_c034/test_entry.c b/api-tests/dev_apis/crypto/test_c034/test_entry.c
new file mode 100644
index 0000000..c86a67d
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c034/test_entry.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c034.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 34)
+#define TEST_DESC "Testing crypto symmetric cipher APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c034_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c035/source.mk b/api-tests/dev_apis/crypto/test_c035/source.mk
new file mode 100644
index 0000000..6e4b974
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c035/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c035.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c035/test_c035.c b/api-tests/dev_apis/crypto/test_c035/test_c035.c
new file mode 100644
index 0000000..5a64a37
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c035/test_c035.c
@@ -0,0 +1,100 @@
+
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c035.h"
+#include "test_data.h"
+
+
+client_test_t test_c035_crypto_list[] = {
+ NULL,
+ psa_cipher_set_iv_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+
+int32_t psa_cipher_set_iv_test(security_t caller)
+{
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
+ psa_key_policy_t policy;
+ psa_cipher_operation_t operation;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle,
+ &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
+ check1[i].key_type, check1[i].key_data, check1[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Set the key for a multipart symmetric encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT_SETUP, &operation,
+ check1[i].key_handle, check1[i].key_alg);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ /* Set an IV for a symmetric encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_SET_IV, &operation, check1[i].iv,
+ check1[i].iv_size);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(7));
+
+ /* Setting an IV for a symmetric encryption operation using the same operator
+ * should fail
+ */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_SET_IV, &operation, check1[i].iv,
+ check1[i].iv_size);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(8));
+
+ /* Abort a cipher operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c035/test_c035.h b/api-tests/dev_apis/crypto/test_c035/test_c035.h
new file mode 100644
index 0000000..d4cf6f8
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c035/test_c035.h
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C035_CLIENT_TESTS_H_
+#define _TEST_C035_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_,c035)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c035_crypto_list[];
+
+int32_t psa_cipher_set_iv_test(security_t caller);
+#endif /* _TEST_C035_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c035/test_data.h b/api-tests/dev_apis/crypto/test_c035/test_data.h
new file mode 100644
index 0000000..4ad260e
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c035/test_data.h
@@ -0,0 +1,118 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[32];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ uint8_t iv[32];
+ size_t iv_size;
+ psa_status_t expected_status;
+} test_data;
+
+static test_data check1[] = {
+{"Test psa_cipher_set_iv 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0xD0}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR,
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F}, 16,
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_set_iv 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
+{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
+ 0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9}, AES_24B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR,
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F}, 16,
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_set_iv 32 Byte AES\n", 3, PSA_KEY_TYPE_AES,
+{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
+ 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
+ 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE}, AES_32B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR,
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F}, 16,
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_set_iv DES 64 bit key\n", 4, PSA_KEY_TYPE_DES,
+ {0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
+ DES_8B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING,
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07}, 8,
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_set_iv Triple DES 2-Key\n", 5, PSA_KEY_TYPE_DES,
+{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+ DES3_2KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING,
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07}, 8,
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_set_iv Triple DES 3-Key\n", 6, PSA_KEY_TYPE_DES,
+{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
+ 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
+ DES3_3KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING,
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07}, 8,
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_set_iv AES - small iv buffer\n", 7, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0xD0}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR,
+ {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07}, 8,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_cipher_set_iv DES - small iv buffer\n", 8, PSA_KEY_TYPE_DES,
+ {0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
+ DES_8B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING,
+{0x00, 0x01, 0x02, 0x03,}, 4,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_cipher_set_iv AES - large iv buffer\n", 9, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9, 0xD0}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR,
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19,
+ 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F}, 32,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_cipher_set_iv DES - large iv buffer\n", 10, PSA_KEY_TYPE_DES,
+ {0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
+ DES_8B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING,
+{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+ 0x0D, 0x0E, 0x0F}, 16,
+ PSA_ERROR_INVALID_ARGUMENT
+},
+};
diff --git a/api-tests/dev_apis/crypto/test_c035/test_entry.c b/api-tests/dev_apis/crypto/test_c035/test_entry.c
new file mode 100644
index 0000000..a37200f
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c035/test_entry.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c035.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 35)
+#define TEST_DESC "Testing crypto symmetric cipher APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c035_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c036/source.mk b/api-tests/dev_apis/crypto/test_c036/source.mk
new file mode 100644
index 0000000..03fe831
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c036/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c036.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c036/test_c036.c b/api-tests/dev_apis/crypto/test_c036/test_c036.c
new file mode 100644
index 0000000..0a416b8
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c036/test_c036.c
@@ -0,0 +1,129 @@
+
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c036.h"
+#include "test_data.h"
+
+
+client_test_t test_c036_crypto_list[] = {
+ NULL,
+ psa_cipher_update_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+static uint8_t output[SIZE_32B];
+static psa_cipher_operation_t operation;
+
+int32_t psa_cipher_update_test(security_t caller)
+{
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
+ size_t length;
+ psa_key_policy_t policy;
+ psa_cipher_operation_t invalid_operation = {0};
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle,
+ &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
+ check1[i].key_type, check1[i].key_data, check1[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ if (check1[i].usage == PSA_KEY_USAGE_ENCRYPT)
+ {
+ /* Set the key for a multipart symmetric encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT_SETUP, &operation,
+ check1[i].key_handle, check1[i].key_alg);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+ }
+ else if (check1[i].usage == PSA_KEY_USAGE_DECRYPT)
+ {
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_DECRYPT_SETUP, &operation,
+ check1[i].key_handle, check1[i].key_alg);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+ }
+
+ /* Set an IV for a symmetric encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_SET_IV, &operation, check1[i].iv,
+ check1[i].iv_size);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+
+ /* Encrypt or decrypt a message fragment in an active cipher operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_UPDATE, &operation, check1[i].input,
+ check1[i].input_length, output, check1[i].output_size, &length);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(9));
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ {
+ /* Abort a cipher operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
+ continue;
+ }
+
+ /* Check if the output length matches the expected length */
+ TEST_ASSERT_EQUAL(length, check1[i].expected_output_length, TEST_CHECKPOINT_NUM(11));
+
+ /* Check if the output data matches the expected data */
+ TEST_ASSERT_MEMCMP(output, check1[i].expected_output, length, TEST_CHECKPOINT_NUM(12));
+
+ /* Encrypt or decrypt a message fragment in an invalid cipher operation should fail */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_UPDATE, &invalid_operation,
+ check1[i].input, check1[i].input_length, output, check1[i].output_size,
+ &length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(13));
+
+ /* Abort a cipher operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(14));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c036/test_c036.h b/api-tests/dev_apis/crypto/test_c036/test_c036.h
new file mode 100644
index 0000000..045271a
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c036/test_c036.h
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C036_CLIENT_TESTS_H_
+#define _TEST_C036_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_,c036)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c036_crypto_list[];
+
+int32_t psa_cipher_update_test(security_t caller);
+#endif /* _TEST_C036_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c036/test_data.h b/api-tests/dev_apis/crypto/test_c036/test_data.h
new file mode 100644
index 0000000..1582faf
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c036/test_data.h
@@ -0,0 +1,218 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[32];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ uint8_t iv[16];
+ size_t iv_size;
+ uint8_t input[32];
+ size_t input_length;
+ size_t output_size;
+ uint8_t expected_output[32];
+ size_t expected_output_length;
+ psa_status_t expected_status;
+} test_data;
+
+static test_data check1[] = {
+{"Test psa_cipher_update - Encrypt - AES CBC_NO_PADDING\n", 1, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a,
+ 0x2a, 0x2a, 0x2a}, 16,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73,
+ 0x93, 0x17, 0x2a}, 16, 16,
+{0xA0, 0x76, 0xEC, 0x9D, 0xFB, 0xE4, 0x7D, 0x52, 0xAF, 0xC3, 0x57, 0x33, 0x6F,
+ 0x20, 0x74, 0x3B}, 16, PSA_SUCCESS
+},
+
+{"Test psa_cipher_update - Encrypt - AES CBC_NO_PADDING (Short input)\n", 2, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a,
+ 0x2a, 0x2a, 0x2a}, 16,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x23}, 5, 16,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x23}, 0, PSA_SUCCESS
+},
+
+{"Test psa_cipher_update - Encrypt - AES CBC_PKCS7\n", 3, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_PKCS7,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a,
+ 0x2a, 0x2a, 0x2a}, 16,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73,
+ 0x93, 0x17, 0x2a}, 16, 16,
+{0xa0, 0x76, 0xec, 0x9d, 0xfb, 0xe4, 0x7d, 0x52, 0xaf, 0xc3, 0x57, 0x33, 0x6f,
+ 0x20, 0x74, 0x3b}, 16, PSA_SUCCESS
+},
+
+{"Test psa_cipher_update - Encrypt - AES CBC_PKCS7 (Short input)\n", 4, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_PKCS7,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a,
+ 0x2a, 0x2a, 0x2a}, 16,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73,
+ 0x93, 0x17}, 15, 16,
+{0}, 0, PSA_SUCCESS
+},
+
+{"Test psa_cipher_update - Encrypt - AES CTR\n", 5, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a,
+ 0x2a, 0x2a, 0x2a}, 16,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73,
+ 0x93, 0x17, 0x2a}, 16, 16,
+{0x8f, 0x94, 0x08, 0xfe, 0x80, 0xa8, 0x1d, 0x3e, 0x81, 0x3d, 0xa3, 0xc7, 0xb0,
+ 0xb2, 0xbd, 0x32}, 16, PSA_SUCCESS
+},
+
+{"Test psa_cipher_update - Encrypt - DES CBC (nopad)\n", 6, PSA_KEY_TYPE_DES,
+{0x01, 0x02, 0x04, 0x07, 0x08, 0x0b, 0x0d, 0x0e}, DES_8B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a}, 8,
+{0xed, 0xa4, 0x01, 0x12, 0x39, 0xbc, 0x3a, 0xc9}, 8, 8,
+{0x64, 0xf9, 0x17, 0xb0, 0x15, 0x2f, 0x8f, 0x05}, 8, PSA_SUCCESS
+},
+
+{"Test psa_cipher_update - Encrypt - 2-key 3DE -CBC (nopad)\n", 7, PSA_KEY_TYPE_DES,
+{0x01, 0x02, 0x04, 0x07, 0x08, 0x0b, 0x0d, 0x0e, 0xc1, 0xc2, 0xc4, 0xc7, 0xc8,
+ 0xcb, 0xcd, 0xce}, DES3_2KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a}, 8,
+{0xed, 0xa4, 0x01, 0x12, 0x39, 0xbc, 0x3a, 0xc9}, 8, 8,
+{0x5d, 0x06, 0x52, 0x42, 0x9c, 0x5b, 0x0a, 0xc7}, 8, PSA_SUCCESS
+},
+
+{"Test psa_cipher_update - Encrypt - 3-key 3DE -CBC (nopad)\n", 8, PSA_KEY_TYPE_DES,
+{0x01, 0x02, 0x04, 0x07, 0x08, 0x0b, 0x0d, 0x0e, 0xc1, 0xc2, 0xc4, 0xc7, 0xc8,
+ 0xcb, 0xcd, 0xce, 0x31, 0x32, 0x34, 0x37, 0x38, 0x3b, 0x3d, 0x3e}, DES3_3KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a}, 8,
+{0xed, 0xa4, 0x01, 0x12, 0x39, 0xbc, 0x3a, 0xc9}, 8, 8,
+{0x81, 0x7c, 0xa7, 0xd6, 0x9b, 0x80, 0xd8, 0x6a}, 8, PSA_SUCCESS
+},
+
+{"Test psa_cipher_update - small output buffer size\n", 9, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a,
+ 0x2a, 0x2a, 0x2a}, 16,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73,
+ 0x93, 0x17, 0x2a}, 16, 15,
+{0xA0, 0x76, 0xEC, 0x9D, 0xFB, 0xE4, 0x7D, 0x52, 0xAF, 0xC3, 0x57, 0x33, 0x6F,
+ 0x20, 0x74, 0x3B}, 16, PSA_ERROR_BUFFER_TOO_SMALL
+},
+
+{"Test psa_cipher_update - Decrypt - AES CBC_NO_PADDING\n", 10, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CBC_NO_PADDING,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a,
+ 0x2a, 0x2a, 0x2a}, 16,
+{0xA0, 0x76, 0xEC, 0x9D, 0xFB, 0xE4, 0x7D, 0x52, 0xAF, 0xC3, 0x57, 0x33, 0x6F,
+ 0x20, 0x74, 0x3B}, 16, 16,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73,
+ 0x93, 0x17, 0x2a}, 16, PSA_SUCCESS
+},
+
+{"Test psa_cipher_update - Decrypt - AES CBC_NO_PADDING (Short input)\n", 11, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CBC_NO_PADDING,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a,
+ 0x2a, 0x2a, 0x2a}, 16,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x23}, 5, 16,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x23}, 0, PSA_SUCCESS
+},
+
+{"Test psa_cipher_update - Decrypt - AES CBC_PKCS7\n", 12, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CBC_PKCS7,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a,
+ 0x2a, 0x2a, 0x2a}, 16,
+{0xa0, 0x76, 0xec, 0x9d, 0xfb, 0xe4, 0x7d, 0x52, 0xaf, 0xc3, 0x57, 0x33, 0x6f,
+ 0x20, 0x74, 0x3b}, 16, 16,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73,
+ 0x93, 0x17, 0x2a}, 0, PSA_SUCCESS
+},
+
+{"Test psa_cipher_update - Decrypt - AES CBC_PKCS7 (Short input)\n", 13, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CBC_PKCS7,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a,
+ 0x2a, 0x2a, 0x2a}, 16,
+{0xa0, 0x76, 0xec, 0x9d, 0xfb, 0xe4, 0x7d, 0x52, 0xaf, 0xc3, 0x57, 0x33, 0x6f,
+ 0x20, 0x74, 0x3b, 0xca, 0x7e, 0x8a, 0x15, 0xdc, 0x3c, 0x77, 0x64, 0x36, 0x31,
+ 0x42, 0x93, 0x03, 0x1c, 0xd4, 0xf3}, 32, 32,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73,
+ 0x93, 0x17, 0x2a}, 16, PSA_SUCCESS
+},
+
+{"Test psa_cipher_update - Decrypt - AES CTR\n", 14, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CTR,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a,
+ 0x2a, 0x2a, 0x2a}, 16,
+{0x8f, 0x94, 0x08, 0xfe, 0x80, 0xa8, 0x1d, 0x3e, 0x81, 0x3d, 0xa3, 0xc7, 0xb0,
+ 0xb2, 0xbd, 0x32}, 16, 16,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73,
+ 0x93, 0x17, 0x2a}, 16, PSA_SUCCESS
+},
+
+{"Test psa_cipher_update - Decrypt - DES CBC (nopad)\n", 15, PSA_KEY_TYPE_DES,
+{0x01, 0x02, 0x04, 0x07, 0x08, 0x0b, 0x0d, 0x0e}, DES_8B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CBC_NO_PADDING,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a}, 8,
+{0x64, 0xf9, 0x17, 0xb0, 0x15, 0x2f, 0x8f, 0x05}, 8, 8,
+{0xed, 0xa4, 0x01, 0x12, 0x39, 0xbc, 0x3a, 0xc9}, 8, PSA_SUCCESS
+},
+
+{"Test psa_cipher_update - Decrypt - 2-key 3DE -CBC (nopad)\n", 16, PSA_KEY_TYPE_DES,
+{0x01, 0x02, 0x04, 0x07, 0x08, 0x0b, 0x0d, 0x0e, 0xc1, 0xc2, 0xc4, 0xc7, 0xc8,
+ 0xcb, 0xcd, 0xce}, DES3_2KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CBC_NO_PADDING,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a}, 8,
+{0x5d, 0x06, 0x52, 0x42, 0x9c, 0x5b, 0x0a, 0xc7}, 8, 8,
+{0xed, 0xa4, 0x01, 0x12, 0x39, 0xbc, 0x3a, 0xc9}, 8, PSA_SUCCESS
+},
+
+{"Test psa_cipher_update - Decrypt - 3-key 3DE -CBC (nopad)\n", 17, PSA_KEY_TYPE_DES,
+{0x01, 0x02, 0x04, 0x07, 0x08, 0x0b, 0x0d, 0x0e, 0xc1, 0xc2, 0xc4, 0xc7, 0xc8,
+ 0xcb, 0xcd, 0xce, 0x31, 0x32, 0x34, 0x37, 0x38, 0x3b, 0x3d, 0x3e}, DES3_3KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CBC_NO_PADDING,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a}, 8,
+{0x81, 0x7c, 0xa7, 0xd6, 0x9b, 0x80, 0xd8, 0x6a}, 8, 8,
+{0xed, 0xa4, 0x01, 0x12, 0x39, 0xbc, 0x3a, 0xc9}, 8, PSA_SUCCESS
+},
+};
diff --git a/api-tests/dev_apis/crypto/test_c036/test_entry.c b/api-tests/dev_apis/crypto/test_c036/test_entry.c
new file mode 100644
index 0000000..f46a6b3
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c036/test_entry.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c036.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 36)
+#define TEST_DESC "Testing crypto symmetric cipher APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c036_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c037/source.mk b/api-tests/dev_apis/crypto/test_c037/source.mk
new file mode 100644
index 0000000..9aa0674
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c037/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c037.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c037/test_c037.c b/api-tests/dev_apis/crypto/test_c037/test_c037.c
new file mode 100644
index 0000000..c546402
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c037/test_c037.c
@@ -0,0 +1,142 @@
+
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c037.h"
+#include "test_data.h"
+
+#define SLOT_1 0
+#define SLOT_2 1
+
+client_test_t test_c037_crypto_list[] = {
+ NULL,
+ psa_cipher_finish_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+static uint8_t output[SIZE_32B];
+
+int32_t psa_cipher_finish_test(security_t caller)
+{
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
+ size_t update_length, finish_length;
+ psa_key_policy_t policy;
+ psa_cipher_operation_t operation, invalid_operation;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle,
+ &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
+ check1[i].key_type, check1[i].key_data, check1[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ if (check1[i].usage == PSA_KEY_USAGE_ENCRYPT)
+ {
+ /* Set the key for a multipart symmetric encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT_SETUP, &operation,
+ check1[i].key_handle, check1[i].key_alg);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+ }
+ else if (check1[i].usage == PSA_KEY_USAGE_DECRYPT)
+ {
+ /* Set the key for a multipart symmetric decryption operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_DECRYPT_SETUP, &operation,
+ check1[i].key_handle, check1[i].key_alg);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+ }
+
+ /* Set an IV for a symmetric encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_SET_IV, &operation, check1[i].iv,
+ check1[i].iv_size);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+
+ /* Encrypt or decrypt a message fragment in an active cipher operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_UPDATE, &operation, check1[i].input,
+ check1[i].input_length, output, check1[i].output_size[SLOT_1], &update_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+
+ /* Finish encrypting or decrypting a message in a cipher operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_FINISH, &operation,
+ output + update_length, check1[i].output_size[SLOT_2], &finish_length);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(10));
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ {
+ /* Abort a cipher operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(11));
+ continue;
+ }
+
+ /* Check if the output length matches the expected length */
+ TEST_ASSERT_EQUAL(finish_length, check1[i].expected_output_length, TEST_CHECKPOINT_NUM(12));
+
+ /* Check if the output data matches the expected data */
+ TEST_ASSERT_MEMCMP(output, check1[i].expected_output,
+ (update_length + finish_length),
+ TEST_CHECKPOINT_NUM(13));
+
+ /* Finish encrypting or decrypting a message using an invalid operation should fail */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_FINISH, &invalid_operation, output,
+ check1[i].output_size[SLOT_2], &finish_length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_BAD_STATE, TEST_CHECKPOINT_NUM(14));
+
+ /* Abort a cipher operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(15));
+
+ /* Abort a cipher operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ABORT, &invalid_operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(16));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c037/test_c037.h b/api-tests/dev_apis/crypto/test_c037/test_c037.h
new file mode 100644
index 0000000..e7e1bda
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c037/test_c037.h
@@ -0,0 +1,30 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C037_CLIENT_TESTS_H_
+#define _TEST_C037_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_,c037)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c037_crypto_list[];
+
+int32_t psa_cipher_finish_test(security_t caller);
+#endif /* _TEST_C037_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c037/test_data.h b/api-tests/dev_apis/crypto/test_c037/test_data.h
new file mode 100644
index 0000000..6d8a1df
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c037/test_data.h
@@ -0,0 +1,247 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[32];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ uint8_t iv[16];
+ size_t iv_size;
+ uint8_t input[32];
+ size_t input_length;
+ size_t output_size[2];
+ uint8_t expected_output[32];
+ size_t expected_output_length;
+ psa_status_t expected_status;
+} test_data;
+
+static test_data check1[] = {
+{"Test psa_cipher_finish - Encrypt - AES CBC_NO_PADDING\n", 1, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a,
+ 0x2a, 0x2a, 0x2a}, 16,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73,
+ 0x93, 0x17, 0x2a}, 16, {SIZE_32B, SIZE_32B},
+{0xA0, 0x76, 0xEC, 0x9D, 0xFB, 0xE4, 0x7D, 0x52, 0xAF, 0xC3, 0x57, 0x33, 0x6F,
+ 0x20, 0x74, 0x3B}, 0, PSA_SUCCESS
+},
+
+{"Test psa_cipher_finish - Encrypt - AES CBC_NO_PADDING (Short input)\n", 2, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a,
+ 0x2a, 0x2a, 0x2a}, 16,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x23}, 5, {16, 16},
+{0x6b, 0xc1, 0xbe, 0xe2, 0x23}, 0, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_cipher_finish - Encrypt - AES CBC_PKCS7\n", 3, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_PKCS7,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a,
+ 0x2a, 0x2a, 0x2a}, 16,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73,
+ 0x93, 0x17, 0x2a}, 16, {SIZE_32B, SIZE_32B},
+{0xa0, 0x76, 0xec, 0x9d, 0xfb, 0xe4, 0x7d, 0x52, 0xaf, 0xc3, 0x57, 0x33, 0x6f,
+ 0x20, 0x74, 0x3b, 0xca, 0x7e, 0x8a, 0x15, 0xdc, 0x3c, 0x77, 0x64, 0x36, 0x31,
+ 0x42, 0x93, 0x03, 0x1c, 0xd4, 0xf3}, 16, PSA_SUCCESS
+},
+
+{"Test psa_cipher_finish - Encrypt - AES CBC_PKCS7 (Short input)\n", 4, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_PKCS7,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a,
+ 0x2a, 0x2a, 0x2a}, 16,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73,
+ 0x93, 0x17}, 15, {SIZE_32B, SIZE_32B},
+{0x62, 0x79, 0xb4, 0x9d, 0x7f, 0x7a, 0x8d, 0xd8, 0x7b, 0x68, 0x51, 0x75, 0xd4,
+ 0x27, 0x6e, 0x24}, 16, PSA_SUCCESS
+},
+
+{"Test psa_cipher_finish - Encrypt - AES CTR\n", 5, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a,
+ 0x2a, 0x2a, 0x2a}, 16,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73,
+ 0x93, 0x17, 0x2a}, 16, {SIZE_32B, SIZE_32B},
+{0x8f, 0x94, 0x08, 0xfe, 0x80, 0xa8, 0x1d, 0x3e, 0x81, 0x3d, 0xa3, 0xc7, 0xb0,
+ 0xb2, 0xbd, 0x32}, 0, PSA_SUCCESS
+},
+
+{"Test psa_cipher_finish - Encrypt - AES CTR (short input)\n", 6, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a,
+ 0x2a, 0x2a, 0x2a}, 16,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73,
+ 0x93, 0x17}, 15, {SIZE_32B, SIZE_32B},
+{0x8f, 0x94, 0x08, 0xfe, 0x80, 0xa8, 0x1d, 0x3e, 0x81, 0x3d, 0xa3, 0xc7, 0xb0,
+ 0xb2, 0xbd}, 0, PSA_SUCCESS
+},
+
+{"Test psa_cipher_finish - Encrypt - DES CBC (nopad)\n", 7, PSA_KEY_TYPE_DES,
+{0x01, 0x02, 0x04, 0x07, 0x08, 0x0b, 0x0d, 0x0e}, DES_8B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a}, 8,
+{0xed, 0xa4, 0x01, 0x12, 0x39, 0xbc, 0x3a, 0xc9}, 8, {SIZE_32B, SIZE_32B},
+{0x64, 0xf9, 0x17, 0xb0, 0x15, 0x2f, 0x8f, 0x05}, 0, PSA_SUCCESS
+},
+
+{"Test psa_cipher_finish - Encrypt - 2-key 3DE -CBC (nopad)\n", 8, PSA_KEY_TYPE_DES,
+{0x01, 0x02, 0x04, 0x07, 0x08, 0x0b, 0x0d, 0x0e, 0xc1, 0xc2, 0xc4, 0xc7, 0xc8,
+ 0xcb, 0xcd, 0xce}, DES3_2KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a}, 8,
+{0xed, 0xa4, 0x01, 0x12, 0x39, 0xbc, 0x3a, 0xc9}, 8, {SIZE_32B, SIZE_32B},
+{0x5d, 0x06, 0x52, 0x42, 0x9c, 0x5b, 0x0a, 0xc7}, 0, PSA_SUCCESS
+},
+
+{"Test psa_cipher_finish - Encrypt - 3-key 3DE -CBC (nopad)\n", 9, PSA_KEY_TYPE_DES,
+{0x01, 0x02, 0x04, 0x07, 0x08, 0x0b, 0x0d, 0x0e, 0xc1, 0xc2, 0xc4, 0xc7, 0xc8,
+ 0xcb, 0xcd, 0xce, 0x31, 0x32, 0x34, 0x37, 0x38, 0x3b, 0x3d, 0x3e}, DES3_3KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a}, 8,
+{0xed, 0xa4, 0x01, 0x12, 0x39, 0xbc, 0x3a, 0xc9}, 8, {SIZE_32B, SIZE_32B},
+{0x81, 0x7c, 0xa7, 0xd6, 0x9b, 0x80, 0xd8, 0x6a}, 0, PSA_SUCCESS
+},
+
+{"Test psa_cipher_finish - small output buffer size\n", 10, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_PKCS7,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a,
+ 0x2a, 0x2a, 0x2a}, 16,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73,
+ 0x93, 0x17, 0x2a}, 16, {SIZE_32B, 15},
+{0xa0, 0x76, 0xec, 0x9d, 0xfb, 0xe4, 0x7d, 0x52, 0xaf, 0xc3, 0x57, 0x33, 0x6f,
+ 0x20, 0x74, 0x3b, 0xca, 0x7e, 0x8a, 0x15, 0xdc, 0x3c, 0x77, 0x64, 0x36, 0x31,
+ 0x42, 0x93, 0x03, 0x1c, 0xd4, 0xf3}, 16, PSA_ERROR_BUFFER_TOO_SMALL
+},
+
+{"Test psa_cipher_finish - Decrypt - AES CBC_NO_PADDING\n", 11, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CBC_NO_PADDING,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a,
+ 0x2a, 0x2a, 0x2a}, 16,
+{0xA0, 0x76, 0xEC, 0x9D, 0xFB, 0xE4, 0x7D, 0x52, 0xAF, 0xC3, 0x57, 0x33, 0x6F,
+ 0x20, 0x74, 0x3B},
+ 16, {SIZE_32B, SIZE_32B},
+{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73,
+ 0x93, 0x17, 0x2a}, 0, PSA_SUCCESS
+},
+
+{"Test psa_cipher_finish - Decrypt - AES CBC_NO_PADDING (Short input)\n", 12, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a,
+ 0x2a, 0x2a, 0x2a}, 16,
+{0x6b, 0xc1, 0xbe, 0xe2, 0x23}, 5, {16, 16},
+{0x6b, 0xc1, 0xbe, 0xe2, 0x23}, 0, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_cipher_finish - Decrypt - AES CBC_PKCS7\n", 13, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CBC_PKCS7,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a,
+ 0x2a, 0x2a, 0x2a}, 16,
+{0xa0, 0x76, 0xec, 0x9d, 0xfb, 0xe4, 0x7d, 0x52, 0xaf, 0xc3, 0x57, 0x33, 0x6f,
+ 0x20, 0x74, 0x3b, 0xca, 0x7e, 0x8a, 0x15, 0xdc, 0x3c, 0x77, 0x64, 0x36, 0x31,
+ 0x42, 0x93, 0x03, 0x1c, 0xd4, 0xf3}, 32, {SIZE_32B, SIZE_32B},
+{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73,
+ 0x93, 0x17, 0x2a}, 0, PSA_SUCCESS
+},
+
+{"Test psa_cipher_finish - Decrypt - AES CBC_PKCS7 (Short input)\n", 14, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CBC_PKCS7,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a,
+ 0x2a, 0x2a, 0x2a}, 16,
+{0x62, 0x79, 0xb4, 0x9d, 0x7f, 0x7a, 0x8d, 0xd8, 0x7b, 0x68, 0x51, 0x75, 0xd4,
+ 0x27, 0x6e, 0x24}, 16, {SIZE_32B, SIZE_32B},
+{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73,
+ 0x93, 0x17}, 15, PSA_SUCCESS
+},
+
+{"Test psa_cipher_finish - Decrypt - AES CTR\n", 15, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CTR,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a,
+ 0x2a, 0x2a, 0x2a}, 16,
+{0x8f, 0x94, 0x08, 0xfe, 0x80, 0xa8, 0x1d, 0x3e, 0x81, 0x3d, 0xa3, 0xc7, 0xb0,
+ 0xb2, 0xbd, 0x32}, 16, {SIZE_32B, SIZE_32B},
+{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73,
+ 0x93, 0x17, 0x2a},
+ 0, PSA_SUCCESS
+},
+
+{"Test psa_cipher_finish - Decrypt - AES CTR (short input)\n", 16, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CTR,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a,
+ 0x2a, 0x2a, 0x2a}, 16,
+{0x8f, 0x94, 0x08, 0xfe, 0x80, 0xa8, 0x1d, 0x3e, 0x81, 0x3d, 0xa3, 0xc7, 0xb0,
+ 0xb2, 0xbd}, 15, {SIZE_32B, SIZE_32B},
+{0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73,
+ 0x93, 0x17}, 0, PSA_SUCCESS
+},
+
+{"Test psa_cipher_finish - Decrypt - DES CBC (nopad)\n", 17, PSA_KEY_TYPE_DES,
+{0x01, 0x02, 0x04, 0x07, 0x08, 0x0b, 0x0d, 0x0e}, DES_8B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CBC_NO_PADDING,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a}, 8,
+{0x64, 0xf9, 0x17, 0xb0, 0x15, 0x2f, 0x8f, 0x05}, 8, {SIZE_32B, SIZE_32B},
+{0xed, 0xa4, 0x01, 0x12, 0x39, 0xbc, 0x3a, 0xc9}, 0, PSA_SUCCESS
+},
+
+{"Test psa_cipher_finish - Decrypt - 2-key 3DE -CBC (nopad)\n", 18, PSA_KEY_TYPE_DES,
+{0x01, 0x02, 0x04, 0x07, 0x08, 0x0b, 0x0d, 0x0e, 0xc1, 0xc2, 0xc4, 0xc7, 0xc8,
+ 0xcb, 0xcd, 0xce}, DES3_2KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CBC_NO_PADDING,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a}, 8,
+{0x5d, 0x06, 0x52, 0x42, 0x9c, 0x5b, 0x0a, 0xc7}, 8, {SIZE_32B, SIZE_32B},
+{0xed, 0xa4, 0x01, 0x12, 0x39, 0xbc, 0x3a, 0xc9}, 0, PSA_SUCCESS
+},
+
+{"Test psa_cipher_finish - 3-key 3DE -CBC (nopad)\n", 19, PSA_KEY_TYPE_DES,
+{0x01, 0x02, 0x04, 0x07, 0x08, 0x0b, 0x0d, 0x0e, 0xc1, 0xc2, 0xc4, 0xc7, 0xc8,
+ 0xcb, 0xcd, 0xce, 0x31, 0x32, 0x34, 0x37, 0x38, 0x3b, 0x3d, 0x3e}, DES3_3KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CBC_NO_PADDING,
+{0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a}, 8,
+{0x81, 0x7c, 0xa7, 0xd6, 0x9b, 0x80, 0xd8, 0x6a}, 8, {SIZE_32B, SIZE_32B},
+{0xed, 0xa4, 0x01, 0x12, 0x39, 0xbc, 0x3a, 0xc9}, 0, PSA_SUCCESS
+},
+};
diff --git a/api-tests/dev_apis/crypto/test_c037/test_entry.c b/api-tests/dev_apis/crypto/test_c037/test_entry.c
new file mode 100644
index 0000000..7732adb
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c037/test_entry.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c037.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 37)
+#define TEST_DESC "Testing crypto symmetric cipher APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c037_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c038/source.mk b/api-tests/dev_apis/crypto/test_c038/source.mk
new file mode 100644
index 0000000..b0442d2
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c038/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c038.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c038/test_c038.c b/api-tests/dev_apis/crypto/test_c038/test_c038.c
new file mode 100644
index 0000000..c44f72e
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c038/test_c038.c
@@ -0,0 +1,177 @@
+
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c038.h"
+#include "test_data.h"
+
+client_test_t test_c038_crypto_list[] = {
+ NULL,
+ psa_cipher_abort_test,
+ psa_cipher_abort_before_update_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+static uint8_t output[SIZE_32B];
+
+int32_t psa_cipher_abort_test(security_t caller)
+{
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
+ psa_key_policy_t policy;
+ psa_cipher_operation_t operation;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle,
+ &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
+ check1[i].key_type, check1[i].key_data, check1[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ if (check1[i].usage == PSA_KEY_USAGE_ENCRYPT)
+ {
+ /* Set the key for a multipart symmetric encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT_SETUP, &operation,
+ check1[i].key_handle, check1[i].key_alg);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+ }
+ else if (check1[i].usage == PSA_KEY_USAGE_DECRYPT)
+ {
+ /* Set the key for a multipart symmetric decryption operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_DECRYPT_SETUP, &operation,
+ check1[i].key_handle, check1[i].key_alg);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+ }
+
+ /* Abort a cipher operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+
+ /* Multiple abort cipher operation should return success*/
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(9));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_cipher_abort_before_update_test(security_t caller)
+{
+ size_t length;
+ psa_key_policy_t policy;
+ psa_algorithm_t key_alg = PSA_ALG_CBC_NO_PADDING;
+ psa_key_usage_t usage = PSA_KEY_USAGE_ENCRYPT;
+ psa_key_handle_t key_handle = 13;
+ psa_key_type_t key_type = PSA_KEY_TYPE_AES;
+ psa_cipher_operation_t operation;
+ uint8_t key_data[] = {0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab,
+ 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c};
+ uint8_t input[] = {0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9,
+ 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a};
+ uint8_t iv[] = {0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a,
+ 0x2a, 0x2a, 0x2a, 0x2a, 0x2a, 0x2a};
+ size_t key_length = sizeof(key_data)/sizeof(key_data[0]);
+ size_t input_length = sizeof(input)/sizeof(input[0]);
+ size_t iv_size = sizeof(iv)/sizeof(iv[0]);
+ int32_t status;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, "Test psa_cipher_update after psa_cipher_abort should fail\n", 0);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, usage, key_alg);
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, key_type,
+ key_length, &key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, key_handle, &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, key_handle,
+ key_type, key_data, key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Set the key for a multipart symmetric encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ENCRYPT_SETUP, &operation,
+ key_handle, key_alg);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ /* Set an IV for a symmetric encryption operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_SET_IV, &operation, iv, iv_size);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+
+ /* Abort a cipher operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_ABORT, &operation);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+
+ /* Encrypt or decrypt a message fragment in an active cipher operation */
+ status = val->crypto_function(VAL_CRYPTO_CIPHER_UPDATE, &operation, input,
+ input_length, output, SIZE_32B, &length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_ARGUMENT, TEST_CHECKPOINT_NUM(9));
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c038/test_c038.h b/api-tests/dev_apis/crypto/test_c038/test_c038.h
new file mode 100644
index 0000000..6d6e5f0
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c038/test_c038.h
@@ -0,0 +1,31 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C038_CLIENT_TESTS_H_
+#define _TEST_C038_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_,c038)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c038_crypto_list[];
+
+int32_t psa_cipher_abort_test(security_t caller);
+int32_t psa_cipher_abort_before_update_test(security_t caller);
+#endif /* _TEST_C038_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c038/test_data.h b/api-tests/dev_apis/crypto/test_c038/test_data.h
new file mode 100644
index 0000000..3b55f68
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c038/test_data.h
@@ -0,0 +1,113 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[32];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ psa_status_t expected_status;
+} test_data;
+
+static test_data check1[] = {
+{"Test psa_cipher_abort - Encrypt - AES CBC_NO_PADDING\n", 1, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING,
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_abort - Encrypt - AES CBC_PKCS7\n", 2, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_PKCS7,
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_abort - Encrypt - AES CTR\n", 3, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CTR,
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_abort - Encrypt - DES CBC (nopad)\n", 4, PSA_KEY_TYPE_DES,
+{0x01, 0x02, 0x04, 0x07, 0x08, 0x0b, 0x0d, 0x0e}, DES_8B_KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING,
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_abort - Encrypt - 2-key 3DE -CBC (nopad)\n", 5, PSA_KEY_TYPE_DES,
+{0x01, 0x02, 0x04, 0x07, 0x08, 0x0b, 0x0d, 0x0e, 0xc1, 0xc2, 0xc4, 0xc7, 0xc8,
+ 0xcb, 0xcd, 0xce}, DES3_2KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING,
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_abort - Encrypt - 3-key 3DE -CBC (nopad)\n", 6, PSA_KEY_TYPE_DES,
+{0x01, 0x02, 0x04, 0x07, 0x08, 0x0b, 0x0d, 0x0e, 0xc1, 0xc2, 0xc4, 0xc7, 0xc8,
+ 0xcb, 0xcd, 0xce, 0x31, 0x32, 0x34, 0x37, 0x38, 0x3b, 0x3d, 0x3e}, DES3_3KEY_SIZE,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_CBC_NO_PADDING,
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_abort - Decrypt - AES CBC_NO_PADDING\n", 7, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CBC_NO_PADDING,
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_abort - Decrypt - AES CBC_PKCS7\n", 8, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CBC_PKCS7,
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_abort - Decrypt - AES CTR\n", 9, PSA_KEY_TYPE_AES,
+{0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09,
+ 0xcf, 0x4f, 0x3c}, AES_16B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CTR,
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_abort - Decrypt - DES CBC (nopad)\n", 10, PSA_KEY_TYPE_DES,
+{0x01, 0x02, 0x04, 0x07, 0x08, 0x0b, 0x0d, 0x0e}, DES_8B_KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CBC_NO_PADDING,
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_abort - Decrypt - 2-key 3DE -CBC (nopad)\n", 11, PSA_KEY_TYPE_DES,
+{0x01, 0x02, 0x04, 0x07, 0x08, 0x0b, 0x0d, 0x0e, 0xc1, 0xc2, 0xc4, 0xc7, 0xc8,
+ 0xcb, 0xcd, 0xce}, DES3_2KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CBC_NO_PADDING,
+ PSA_SUCCESS
+},
+
+{"Test psa_cipher_abort - Decrypt - 3-key 3DE -CBC (nopad)\n", 12, PSA_KEY_TYPE_DES,
+{0x01, 0x02, 0x04, 0x07, 0x08, 0x0b, 0x0d, 0x0e, 0xc1, 0xc2, 0xc4, 0xc7, 0xc8,
+ 0xcb, 0xcd, 0xce, 0x31, 0x32, 0x34, 0x37, 0x38, 0x3b, 0x3d, 0x3e}, DES3_3KEY_SIZE,
+ PSA_KEY_USAGE_DECRYPT, PSA_ALG_CBC_NO_PADDING,
+ PSA_SUCCESS
+},
+};
diff --git a/api-tests/dev_apis/crypto/test_c038/test_entry.c b/api-tests/dev_apis/crypto/test_c038/test_entry.c
new file mode 100644
index 0000000..d027ada
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c038/test_entry.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c038.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 38)
+#define TEST_DESC "Testing crypto symmetric cipher APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c038_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c039/source.mk b/api-tests/dev_apis/crypto/test_c039/source.mk
new file mode 100644
index 0000000..61f86c6
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c039/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c039.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c039/test_c039.c b/api-tests/dev_apis/crypto/test_c039/test_c039.c
new file mode 100644
index 0000000..b46bec0
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c039/test_c039.c
@@ -0,0 +1,240 @@
+
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c039.h"
+#include "test_data.h"
+
+client_test_t test_c039_crypto_list[] = {
+ NULL,
+ psa_asymmetric_encrypt_test,
+ psa_asymmetric_encrypt_negative_test,
+ NULL,
+};
+
+static bool_t is_buffer_empty(uint8_t *buffer, size_t size)
+{
+ int i;
+
+ for (i = 0; i < size; i++)
+ {
+ if (buffer[i] != 0)
+ return FALSE;
+ }
+
+ return TRUE;
+}
+
+static int g_test_count = 1;
+static uint8_t output[SIZE_128B];
+
+int32_t psa_asymmetric_encrypt_test(security_t caller)
+{
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
+ uint8_t *key_data, *salt;
+ size_t length;
+ psa_key_policy_t policy;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+
+ memset(output, 0, sizeof(output));
+
+ /* Set the key data based on key type */
+ if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
+ {
+ if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keypair;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keypair;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(128))
+ key_data = rsa_128_keypair;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ else
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keydata;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keydata;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(128))
+ key_data = rsa_128_keydata;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ }
+ else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
+ {
+ if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
+ key_data = ec_keypair;
+ else
+ key_data = ec_keydata;
+ }
+ else
+ key_data = check1[i].key_data;
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle,
+ &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
+ check1[i].key_type, key_data, check1[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ if (is_buffer_empty(check1[i].salt, check1[i].salt_length) == TRUE)
+ salt = NULL;
+ else
+ salt = check1[i].salt;
+
+ /* Encrypt a short message with a public key */
+ status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_ENCRYPT, check1[i].key_handle,
+ check1[i].key_alg, check1[i].input, check1[i].input_length, salt,
+ check1[i].salt_length, output, check1[i].output_size, &length);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ continue;
+
+ /* Check if the output length matches with the expected output length */
+ TEST_ASSERT_EQUAL(length, check1[i].expected_output_length, TEST_CHECKPOINT_NUM(7));
+
+ /* We test encryption by checking that encrypt-then-decrypt gives back
+ * the original plaintext because of the non-optional random
+ * part of encryption process which prevents using fixed vectors. */
+ if ((check1[i].usage & PSA_KEY_USAGE_DECRYPT) == PSA_KEY_USAGE_DECRYPT)
+ {
+ status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_DECRYPT,
+ check1[i].key_handle, check1[i].key_alg, output, length, salt,
+ check1[i].salt_length, output, check1[i].output_size, &length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+
+ /* Check if the output length matches with the input length */
+ TEST_ASSERT_EQUAL(length, check1[i].input_length, TEST_CHECKPOINT_NUM(9));
+
+ /* Check if the output matches with the given input data */
+ TEST_ASSERT_MEMCMP(output, check1[i].input, length, TEST_CHECKPOINT_NUM(10));
+ }
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_asymmetric_encrypt_negative_test(security_t caller)
+{
+ int num_checks = sizeof(check2)/sizeof(check2[0]);
+ int32_t i, status;
+ uint8_t *salt;
+ size_t length;
+ psa_key_policy_t policy;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] Test psa_asymmetric_encrypt - Invalid key handle\n",
+ g_test_count++);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
+ check2[i].key_alg);
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_asymmetric_encrypt - Invalid key handle\n",
+ g_test_count++);
+ /* Encrypt a short message with a public key */
+ status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_ENCRYPT, check2[i].key_handle,
+ check2[i].key_alg, check2[i].input, check2[i].input_length, salt,
+ check2[i].salt_length, output, check2[i].output_size, &length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_asymmetric_encrypt - Zero as key handle\n",
+ g_test_count++);
+ /* Encrypt a short message with a public key */
+ status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_ENCRYPT, 0,
+ check2[i].key_alg, check2[i].input, check2[i].input_length, salt,
+ check2[i].salt_length, output, check2[i].output_size, &length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_asymmetric_encrypt - Empty key handle\n",
+ g_test_count++);
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check2[i].key_type,
+ check2[i].key_length, &check2[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle,
+ &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ if (is_buffer_empty(check1[i].salt, check1[i].salt_length) == TRUE)
+ salt = NULL;
+ else
+ salt = check1[i].salt;
+
+ /* Encrypt a short message with a public key */
+ status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_ENCRYPT, check2[i].key_handle,
+ check2[i].key_alg, check2[i].input, check2[i].input_length, salt,
+ check2[i].salt_length, output, check2[i].output_size, &length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_EMPTY_SLOT, TEST_CHECKPOINT_NUM(7));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
diff --git a/api-tests/dev_apis/crypto/test_c039/test_c039.h b/api-tests/dev_apis/crypto/test_c039/test_c039.h
new file mode 100644
index 0000000..27d7497
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c039/test_c039.h
@@ -0,0 +1,31 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C039_CLIENT_TESTS_H_
+#define _TEST_C039_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_,c039)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c039_crypto_list[];
+
+int32_t psa_asymmetric_encrypt_test(security_t caller);
+int32_t psa_asymmetric_encrypt_negative_test(security_t caller);
+#endif /* _TEST_C039_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c039/test_data.h b/api-tests/dev_apis/crypto/test_c039/test_data.h
new file mode 100644
index 0000000..e3a86bb
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c039/test_data.h
@@ -0,0 +1,232 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[16];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ uint8_t salt[16];
+ size_t salt_length;
+ uint8_t input[32];
+ size_t input_length;
+ size_t output_size;
+ size_t expected_output_length;
+ size_t expected_bit_length;
+ psa_status_t expected_status;
+} test_data;
+
+static uint8_t rsa_384_keypair[1];
+static uint8_t rsa_384_keydata[1];
+static uint8_t rsa_256_keypair[1];
+static uint8_t rsa_256_keydata[1];
+
+static uint8_t ec_keydata[] = {
+ 0x30, 0x49, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06,
+ 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x01, 0x03, 0x32, 0x00, 0x04, 0xBC,
+ 0x79, 0x7D, 0xB3, 0xAE, 0x7F, 0x08, 0xEC, 0x3D, 0x49, 0x6B, 0x4F, 0xB4, 0x11, 0xB3,
+ 0xF6, 0x20, 0xA5, 0x58, 0xA5, 0x01, 0xE0, 0x22, 0x2D, 0x08, 0xCF, 0xE0, 0xDC, 0x8A,
+ 0xEC, 0x8B, 0x1A, 0x7B, 0xF2, 0x4B, 0xE9, 0x29, 0x51, 0xCC, 0x5B, 0xA1, 0xBE, 0xBB,
+ 0x24, 0x74, 0x90, 0x9A, 0xE0};
+
+static uint8_t ec_keypair[] = {
+ 0x30, 0x5F, 0x02, 0x01, 0x01, 0x04, 0x18, 0x33, 0x8E, 0x86, 0xA8, 0x81, 0xE2, 0x38,
+ 0xF5, 0x49, 0xBD, 0x6F, 0x05, 0x53, 0x49, 0x4B, 0x73, 0xE3, 0xD6, 0x11, 0x30, 0xFD,
+ 0xC6, 0xC9, 0x6D, 0xA0, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01,
+ 0x01, 0xA1, 0x34, 0x03, 0x32, 0x00, 0x04, 0x51, 0x75, 0xBC, 0xDF, 0x30, 0xA3, 0x70,
+ 0xF3, 0x9D, 0x53, 0x93, 0xE6, 0x12, 0x72, 0x88, 0xD8, 0x01, 0x67, 0xB5, 0xF4, 0xB4,
+ 0xB7, 0x76, 0xC6, 0x74, 0xF7, 0xC6, 0xF3, 0x54, 0xB7, 0xD2, 0x24, 0x06, 0x2C, 0x1F,
+ 0x68, 0x54, 0xB5, 0xA7, 0xAF, 0x0F, 0xE5, 0x78, 0xEA, 0xF2, 0x58, 0xF0, 0x27};
+
+static uint8_t rsa_128_keydata[] = {
+ 0x30, 0x81, 0x9f, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
+ 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x81, 0x8d, 0x00, 0x30, 0x81, 0x89, 0x02,
+ 0x81, 0x81, 0x00, 0xaf, 0x05, 0x7d, 0x39, 0x6e, 0xe8, 0x4f, 0xb7, 0x5f, 0xdb,
+ 0xb5, 0xc2, 0xb1, 0x3c, 0x7f, 0xe5, 0xa6, 0x54, 0xaa, 0x8a, 0xa2, 0x47, 0x0b,
+ 0x54, 0x1e, 0xe1, 0xfe, 0xb0, 0xb1, 0x2d, 0x25, 0xc7, 0x97, 0x11, 0x53, 0x12,
+ 0x49, 0xe1, 0x12, 0x96, 0x28, 0x04, 0x2d, 0xbb, 0xb6, 0xc1, 0x20, 0xd1, 0x44,
+ 0x35, 0x24, 0xef, 0x4c, 0x0e, 0x6e, 0x1d, 0x89, 0x56, 0xee, 0xb2, 0x07, 0x7a,
+ 0xf1, 0x23, 0x49, 0xdd, 0xee, 0xe5, 0x44, 0x83, 0xbc, 0x06, 0xc2, 0xc6, 0x19,
+ 0x48, 0xcd, 0x02, 0xb2, 0x02, 0xe7, 0x96, 0xae, 0xbd, 0x94, 0xd3, 0xa7, 0xcb,
+ 0xf8, 0x59, 0xc2, 0xc1, 0x81, 0x9c, 0x32, 0x4c, 0xb8, 0x2b, 0x9c, 0xd3, 0x4e,
+ 0xde, 0x26, 0x3a, 0x2a, 0xbf, 0xfe, 0x47, 0x33, 0xf0, 0x77, 0x86, 0x9e, 0x86,
+ 0x60, 0xf7, 0xd6, 0x83, 0x4d, 0xa5, 0x3d, 0x69, 0x0e, 0xf7, 0x98, 0x5f, 0x6b,
+ 0xc3, 0x02, 0x03, 0x01, 0x00, 0x01};
+
+static uint8_t rsa_128_keypair[] = {
+0x30, 0x82, 0x02, 0x5e, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xaf, 0x05,
+0x7d, 0x39, 0x6e, 0xe8, 0x4f, 0xb7, 0x5f, 0xdb, 0xb5, 0xc2, 0xb1, 0x3c, 0x7f,
+0xe5, 0xa6, 0x54, 0xaa, 0x8a, 0xa2, 0x47, 0x0b, 0x54, 0x1e, 0xe1, 0xfe, 0xb0,
+0xb1, 0x2d, 0x25, 0xc7, 0x97, 0x11, 0x53, 0x12, 0x49, 0xe1, 0x12, 0x96, 0x28,
+0x04, 0x2d, 0xbb, 0xb6, 0xc1, 0x20, 0xd1, 0x44, 0x35, 0x24, 0xef, 0x4c, 0x0e,
+0x6e, 0x1d, 0x89, 0x56, 0xee, 0xb2, 0x07, 0x7a, 0xf1, 0x23, 0x49, 0xdd, 0xee,
+0xe5, 0x44, 0x83, 0xbc, 0x06, 0xc2, 0xc6, 0x19, 0x48, 0xcd, 0x02, 0xb2, 0x02,
+0xe7, 0x96, 0xae, 0xbd, 0x94, 0xd3, 0xa7, 0xcb, 0xf8, 0x59, 0xc2, 0xc1, 0x81,
+0x9c, 0x32, 0x4c, 0xb8, 0x2b, 0x9c, 0xd3, 0x4e, 0xde, 0x26, 0x3a, 0x2a, 0xbf,
+0xfe, 0x47, 0x33, 0xf0, 0x77, 0x86, 0x9e, 0x86, 0x60, 0xf7, 0xd6, 0x83, 0x4d,
+0xa5, 0x3d, 0x69, 0x0e, 0xf7, 0x98, 0x5f, 0x6b, 0xc3, 0x02, 0x03, 0x01, 0x00,
+0x01, 0x02, 0x81, 0x81, 0x00, 0x87, 0x4b, 0xf0, 0xff, 0xc2, 0xf2, 0xa7, 0x1d,
+0x14, 0x67, 0x1d, 0xdd, 0x01, 0x71, 0xc9, 0x54, 0xd7, 0xfd, 0xbf, 0x50, 0x28,
+0x1e, 0x4f, 0x6d, 0x99, 0xea, 0x0e, 0x1e, 0xbc, 0xf8, 0x2f, 0xaa, 0x58, 0xe7,
+0xb5, 0x95, 0xff, 0xb2, 0x93, 0xd1, 0xab, 0xe1, 0x7f, 0x11, 0x0b, 0x37, 0xc4,
+0x8c, 0xc0, 0xf3, 0x6c, 0x37, 0xe8, 0x4d, 0x87, 0x66, 0x21, 0xd3, 0x27, 0xf6,
+0x4b, 0xbe, 0x08, 0x45, 0x7d, 0x3e, 0xc4, 0x09, 0x8b, 0xa2, 0xfa, 0x0a, 0x31,
+0x9f, 0xba, 0x41, 0x1c, 0x28, 0x41, 0xed, 0x7b, 0xe8, 0x31, 0x96, 0xa8, 0xcd,
+0xf9, 0xda, 0xa5, 0xd0, 0x06, 0x94, 0xbc, 0x33, 0x5f, 0xc4, 0xc3, 0x22, 0x17,
+0xfe, 0x04, 0x88, 0xbc, 0xe9, 0xcb, 0x72, 0x02, 0xe5, 0x94, 0x68, 0xb1, 0xea,
+0xd1, 0x19, 0x00, 0x04, 0x77, 0xdb, 0x2c, 0xa7, 0x97, 0xfa, 0xc1, 0x9e, 0xda,
+0x3f, 0x58, 0xc1, 0x02, 0x41, 0x00, 0xe2, 0xab, 0x76, 0x08, 0x41, 0xbb, 0x9d,
+0x30, 0xa8, 0x1d, 0x22, 0x2d, 0xe1, 0xeb, 0x73, 0x81, 0xd8, 0x22, 0x14, 0x40,
+0x7f, 0x1b, 0x97, 0x5c, 0xbb, 0xfe, 0x4e, 0x1a, 0x94, 0x67, 0xfd, 0x98, 0xad,
+0xbd, 0x78, 0xf6, 0x07, 0x83, 0x6c, 0xa5, 0xbe, 0x19, 0x28, 0xb9, 0xd1, 0x60,
+0xd9, 0x7f, 0xd4, 0x5c, 0x12, 0xd6, 0xb5, 0x2e, 0x2c, 0x98, 0x71, 0xa1, 0x74,
+0xc6, 0x6b, 0x48, 0x81, 0x13, 0x02, 0x41, 0x00, 0xc5, 0xab, 0x27, 0x60, 0x21,
+0x59, 0xae, 0x7d, 0x6f, 0x20, 0xc3, 0xc2, 0xee, 0x85, 0x1e, 0x46, 0xdc, 0x11,
+0x2e, 0x68, 0x9e, 0x28, 0xd5, 0xfc, 0xbb, 0xf9, 0x90, 0xa9, 0x9e, 0xf8, 0xa9,
+0x0b, 0x8b, 0xb4, 0x4f, 0xd3, 0x64, 0x67, 0xe7, 0xfc, 0x17, 0x89, 0xce, 0xb6,
+0x63, 0xab, 0xda, 0x33, 0x86, 0x52, 0xc3, 0xc7, 0x3f, 0x11, 0x17, 0x74, 0x90,
+0x2e, 0x84, 0x05, 0x65, 0x92, 0x70, 0x91, 0x02, 0x41, 0x00, 0xb6, 0xcd, 0xbd,
+0x35, 0x4f, 0x7d, 0xf5, 0x79, 0xa6, 0x3b, 0x48, 0xb3, 0x64, 0x3e, 0x35, 0x3b,
+0x84, 0x89, 0x87, 0x77, 0xb4, 0x8b, 0x15, 0xf9, 0x4e, 0x0b, 0xfc, 0x05, 0x67,
+0xa6, 0xae, 0x59, 0x11, 0xd5, 0x7a, 0xd6, 0x40, 0x9c, 0xf7, 0x64, 0x7b, 0xf9,
+0x62, 0x64, 0xe9, 0xbd, 0x87, 0xeb, 0x95, 0xe2, 0x63, 0xb7, 0x11, 0x0b, 0x9a,
+0x1f, 0x9f, 0x94, 0xac, 0xce, 0xd0, 0xfa, 0xfa, 0x4d, 0x02, 0x40, 0x71, 0x19,
+0x5e, 0xec, 0x37, 0xe8, 0xd2, 0x57, 0xde, 0xcf, 0xc6, 0x72, 0xb0, 0x7a, 0xe6,
+0x39, 0xf1, 0x0c, 0xbb, 0x9b, 0x0c, 0x73, 0x9d, 0x0c, 0x80, 0x99, 0x68, 0xd6,
+0x44, 0xa9, 0x4e, 0x3f, 0xd6, 0xed, 0x92, 0x87, 0x07, 0x7a, 0x14, 0x58, 0x3f,
+0x37, 0x90, 0x58, 0xf7, 0x6a, 0x8a, 0xec, 0xd4, 0x3c, 0x62, 0xdc, 0x8c, 0x0f,
+0x41, 0x76, 0x66, 0x50, 0xd7, 0x25, 0x27, 0x5a, 0xc4, 0xa1, 0x02, 0x41, 0x00,
+0xbb, 0x32, 0xd1, 0x33, 0xed, 0xc2, 0xe0, 0x48, 0xd4, 0x63, 0x38, 0x8b, 0x7b,
+0xe9, 0xcb, 0x4b, 0xe2, 0x9f, 0x4b, 0x62, 0x50, 0xbe, 0x60, 0x3e, 0x70, 0xe3,
+0x64, 0x75, 0x01, 0xc9, 0x7d, 0xdd, 0xe2, 0x0a, 0x4e, 0x71, 0xbe, 0x95, 0xfd,
+0x5e, 0x71, 0x78, 0x4e, 0x25, 0xac, 0xa4, 0xba, 0xf2, 0x5b, 0xe5, 0x73, 0x8a,
+0xae, 0x59, 0xbb, 0xfe, 0x1c, 0x99, 0x77, 0x81, 0x44, 0x7a, 0x2b, 0x24};
+
+static test_data check1[] = {
+{"Test psa_asymmetric_encrypt - RSA PKCS1V15\n", 1, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+{0}, 162, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_RSA_PKCS1V15_CRYPT,
+{0}, 0,
+{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
+ 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10,
+ 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad}, 22, 128,
+ 128, 1024, PSA_SUCCESS
+},
+
+{"Test psa_asymmetric_encrypt - RSA OAEP SHA256\n", 2, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+{0}, 162, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256),
+{0}, 0,
+{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
+ 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10,
+ 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad}, 22, 128,
+ 128, 1024, PSA_SUCCESS
+},
+
+{"Test psa_asymmetric_encrypt - RSA OAEP SHA256 with label\n", 3, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+{0}, 162, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256),
+{0x74, 0x68, 0x69, 0x73, 0x00, 0x69, 0x73, 0x00, 0x61, 0x00, 0x6c, 0x61, 0x62,
+ 0x65, 0x6c, 0x00}, 16,
+{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
+ 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10,
+ 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad}, 22, 128,
+ 128, 1024, PSA_SUCCESS
+},
+
+{"Test psa_asymmetric_encrypt - RSA KEYPAIR PKCS1V15\n", 4, PSA_KEY_TYPE_RSA_KEYPAIR,
+{0}, 610, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, PSA_ALG_RSA_PKCS1V15_CRYPT,
+{0}, 0,
+{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
+ 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10,
+ 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad}, 22, 128,
+ 128, 1024, PSA_SUCCESS
+},
+
+{"Test psa_asymmetric_encrypt - Small output buffer\n", 5, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+{0}, 162, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT, PSA_ALG_RSA_PKCS1V15_CRYPT,
+{0}, 0,
+{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
+ 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10,
+ 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad}, 22, 110,
+ 128, 1024, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_asymmetric_encrypt - Invalid algorithm\n", 6, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+{0}, 162, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_SHA_256,
+{0}, 0,
+{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
+ 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10,
+ 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad}, 22, 128,
+ 128, 1024, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_asymmetric_encrypt - Invalid key type\n", 7, PSA_KEY_TYPE_AES,
+{0x30, 0x82, 0x02, 0x5e, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xaf, 0x05,
+ 0x7d, 0x39, 0x6e}, 16,
+ PSA_KEY_USAGE_ENCRYPT, PSA_ALG_RSA_PKCS1V15_CRYPT,
+{0}, 0,
+{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
+ 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10,
+ 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad}, 22, 128,
+ 0, BYTES_TO_BITS(AES_16B_KEY_SIZE), PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_asymmetric_encrypt - Invalid usage\n", 8, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+{0}, 162, PSA_KEY_USAGE_DECRYPT, PSA_ALG_RSA_PKCS1V15_CRYPT,
+{0}, 0,
+{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
+ 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10,
+ 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad}, 22, 128,
+ 128, 1024, PSA_ERROR_NOT_PERMITTED
+},
+
+#ifdef FUTURE_SUPPORT
+{"Test psa_asymmetric_encrypt - ECC public key\n", 9,
+ PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | PSA_ECC_CURVE_SECP192R1,
+{0}, 75, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_ECDSA_ANY,
+{0}, 0,
+{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
+ 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10,
+ 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad}, 22, 128,
+ 0, 192, PSA_SUCCESS
+}
+
+{"Test psa_asymmetric_encrypt - ECC keypair\n", 10,
+ PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1),
+{0}, 97, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256),
+{0}, 0,
+{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
+ 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10,
+ 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad}, 22, 128,
+ 0, 192, PSA_SUCCESS
+}
+#endif
+};
+
+static test_data check2[] = {
+{"Test psa_asymmetric_encrypt - Negative case\n", 11, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+{0}, 162, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_RSA_PKCS1V15_CRYPT,
+{0}, 0,
+{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
+ 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10,
+ 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad}, 22, 128,
+ 128, 1024, PSA_SUCCESS
+},
+};
diff --git a/api-tests/dev_apis/crypto/test_c039/test_entry.c b/api-tests/dev_apis/crypto/test_c039/test_entry.c
new file mode 100644
index 0000000..323f173
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c039/test_entry.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c039.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 39)
+#define TEST_DESC "Testing crypto asymmetric APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c039_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c040/source.mk b/api-tests/dev_apis/crypto/test_c040/source.mk
new file mode 100644
index 0000000..e4eaffe
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c040/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c040.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c040/test_c040.c b/api-tests/dev_apis/crypto/test_c040/test_c040.c
new file mode 100644
index 0000000..e8f6332
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c040/test_c040.c
@@ -0,0 +1,227 @@
+
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c040.h"
+#include "test_data.h"
+
+client_test_t test_c040_crypto_list[] = {
+ NULL,
+ psa_asymmetric_decrypt_test,
+ psa_asymmetric_decrypt_negative_test,
+ NULL,
+};
+
+static bool_t is_buffer_empty(uint8_t *buffer, size_t size)
+{
+ int i;
+
+ for (i = 0; i < size; i++)
+ {
+ if (buffer[i] != 0)
+ return FALSE;
+ }
+
+ return TRUE;
+}
+
+static int g_test_count = 1;
+static uint8_t output[SIZE_128B];
+
+int32_t psa_asymmetric_decrypt_test(security_t caller)
+{
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
+ uint8_t *key_data, *salt;
+ size_t length;
+ psa_key_policy_t policy;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+
+ memset(output, 0, sizeof(output));
+
+ /* Set the key data based on key type */
+ if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
+ {
+ if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keypair;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keypair;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(128))
+ key_data = rsa_128_keypair;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ else
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keydata;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keydata;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(128))
+ key_data = rsa_128_keydata;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ }
+ else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
+ {
+ if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
+ key_data = ec_keypair;
+ else
+ key_data = ec_keydata;
+ }
+ else
+ key_data = check1[i].key_data;
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle,
+ &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
+ check1[i].key_type, key_data, check1[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ if (is_buffer_empty(check1[i].salt, check1[i].salt_length) == TRUE)
+ salt = NULL;
+ else
+ salt = check1[i].salt;
+
+ /* Decrypt a short message with a private key */
+ status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_DECRYPT, check1[i].key_handle,
+ check1[i].key_alg, check1[i].input, check1[i].input_length, salt,
+ check1[i].salt_length, output, check1[i].output_size, &length);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ continue;
+
+ /* Check if the output length matches with the expected length */
+ TEST_ASSERT_EQUAL(length, check1[i].expected_output_length, TEST_CHECKPOINT_NUM(7));
+
+ /* Check if the output matches with the expected data */
+ TEST_ASSERT_MEMCMP(output, check1[i].expected_output, length, TEST_CHECKPOINT_NUM(8));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_asymmetric_decrypt_negative_test(security_t caller)
+{
+ int num_checks = sizeof(check2)/sizeof(check2[0]);
+ int32_t i, status;
+ uint8_t *salt;
+ size_t length;
+ psa_key_policy_t policy;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] Test psa_asymmetric_decrypt - Invalid key handle\n",
+ g_test_count++);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
+ check2[i].key_alg);
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_asymmetric_decrypt - Invalid key handle\n",
+ g_test_count++);
+ /* Encrypt a short message with a public key */
+ status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_DECRYPT, check2[i].key_handle,
+ check2[i].key_alg, check2[i].input, check2[i].input_length, salt,
+ check2[i].salt_length, output, check2[i].output_size, &length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_asymmetric_decrypt - Zero as key handle\n",
+ g_test_count++);
+ /* Encrypt a short message with a public key */
+ status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_DECRYPT, 0,
+ check2[i].key_alg, check2[i].input, check2[i].input_length, salt,
+ check2[i].salt_length, output, check2[i].output_size, &length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_asymmetric_decrypt - Empty key handle\n",
+ g_test_count++);
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check2[i].key_type,
+ check2[i].key_length, &check2[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle,
+ &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ if (is_buffer_empty(check1[i].salt, check1[i].salt_length) == TRUE)
+ salt = NULL;
+ else
+ salt = check1[i].salt;
+
+ /* Encrypt a short message with a public key */
+ status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_DECRYPT, check2[i].key_handle,
+ check2[i].key_alg, check2[i].input, check2[i].input_length, salt,
+ check2[i].salt_length, output, check2[i].output_size, &length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_EMPTY_SLOT, TEST_CHECKPOINT_NUM(7));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+
diff --git a/api-tests/dev_apis/crypto/test_c040/test_c040.h b/api-tests/dev_apis/crypto/test_c040/test_c040.h
new file mode 100644
index 0000000..ebb8f5b
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c040/test_c040.h
@@ -0,0 +1,31 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C040_CLIENT_TESTS_H_
+#define _TEST_C040_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_,c040)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c040_crypto_list[];
+
+int32_t psa_asymmetric_decrypt_test(security_t caller);
+int32_t psa_asymmetric_decrypt_negative_test(security_t caller);
+#endif /* _TEST_C040_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c040/test_data.h b/api-tests/dev_apis/crypto/test_c040/test_data.h
new file mode 100644
index 0000000..e23e685
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c040/test_data.h
@@ -0,0 +1,307 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[16];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ uint8_t salt[16];
+ size_t salt_length;
+ uint8_t input[128];
+ size_t input_length;
+ size_t output_size;
+ uint8_t expected_output[32];
+ size_t expected_output_length;
+ size_t expected_bit_length;
+ psa_status_t expected_status;
+} test_data;
+
+static uint8_t rsa_384_keypair[1];
+static uint8_t rsa_384_keydata[1];
+static uint8_t rsa_256_keypair[1];
+static uint8_t rsa_256_keydata[1];
+
+static uint8_t ec_keydata[] = {
+ 0x30, 0x49, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06,
+ 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x01, 0x03, 0x32, 0x00, 0x04, 0xBC,
+ 0x79, 0x7D, 0xB3, 0xAE, 0x7F, 0x08, 0xEC, 0x3D, 0x49, 0x6B, 0x4F, 0xB4, 0x11, 0xB3,
+ 0xF6, 0x20, 0xA5, 0x58, 0xA5, 0x01, 0xE0, 0x22, 0x2D, 0x08, 0xCF, 0xE0, 0xDC, 0x8A,
+ 0xEC, 0x8B, 0x1A, 0x7B, 0xF2, 0x4B, 0xE9, 0x29, 0x51, 0xCC, 0x5B, 0xA1, 0xBE, 0xBB,
+ 0x24, 0x74, 0x90, 0x9A, 0xE0};
+
+static uint8_t ec_keypair[] = {
+ 0x30, 0x5F, 0x02, 0x01, 0x01, 0x04, 0x18, 0x33, 0x8E, 0x86, 0xA8, 0x81, 0xE2, 0x38,
+ 0xF5, 0x49, 0xBD, 0x6F, 0x05, 0x53, 0x49, 0x4B, 0x73, 0xE3, 0xD6, 0x11, 0x30, 0xFD,
+ 0xC6, 0xC9, 0x6D, 0xA0, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01,
+ 0x01, 0xA1, 0x34, 0x03, 0x32, 0x00, 0x04, 0x51, 0x75, 0xBC, 0xDF, 0x30, 0xA3, 0x70,
+ 0xF3, 0x9D, 0x53, 0x93, 0xE6, 0x12, 0x72, 0x88, 0xD8, 0x01, 0x67, 0xB5, 0xF4, 0xB4,
+ 0xB7, 0x76, 0xC6, 0x74, 0xF7, 0xC6, 0xF3, 0x54, 0xB7, 0xD2, 0x24, 0x06, 0x2C, 0x1F,
+ 0x68, 0x54, 0xB5, 0xA7, 0xAF, 0x0F, 0xE5, 0x78, 0xEA, 0xF2, 0x58, 0xF0, 0x27};
+
+static uint8_t rsa_128_keydata[] = {
+ 0x30, 0x81, 0x9f, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
+ 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x81, 0x8d, 0x00, 0x30, 0x81, 0x89, 0x02,
+ 0x81, 0x81, 0x00, 0xaf, 0x05, 0x7d, 0x39, 0x6e, 0xe8, 0x4f, 0xb7, 0x5f, 0xdb,
+ 0xb5, 0xc2, 0xb1, 0x3c, 0x7f, 0xe5, 0xa6, 0x54, 0xaa, 0x8a, 0xa2, 0x47, 0x0b,
+ 0x54, 0x1e, 0xe1, 0xfe, 0xb0, 0xb1, 0x2d, 0x25, 0xc7, 0x97, 0x11, 0x53, 0x12,
+ 0x49, 0xe1, 0x12, 0x96, 0x28, 0x04, 0x2d, 0xbb, 0xb6, 0xc1, 0x20, 0xd1, 0x44,
+ 0x35, 0x24, 0xef, 0x4c, 0x0e, 0x6e, 0x1d, 0x89, 0x56, 0xee, 0xb2, 0x07, 0x7a,
+ 0xf1, 0x23, 0x49, 0xdd, 0xee, 0xe5, 0x44, 0x83, 0xbc, 0x06, 0xc2, 0xc6, 0x19,
+ 0x48, 0xcd, 0x02, 0xb2, 0x02, 0xe7, 0x96, 0xae, 0xbd, 0x94, 0xd3, 0xa7, 0xcb,
+ 0xf8, 0x59, 0xc2, 0xc1, 0x81, 0x9c, 0x32, 0x4c, 0xb8, 0x2b, 0x9c, 0xd3, 0x4e,
+ 0xde, 0x26, 0x3a, 0x2a, 0xbf, 0xfe, 0x47, 0x33, 0xf0, 0x77, 0x86, 0x9e, 0x86,
+ 0x60, 0xf7, 0xd6, 0x83, 0x4d, 0xa5, 0x3d, 0x69, 0x0e, 0xf7, 0x98, 0x5f, 0x6b,
+ 0xc3, 0x02, 0x03, 0x01, 0x00, 0x01};
+
+static uint8_t rsa_128_keypair[] = {
+0x30, 0x82, 0x02, 0x5e, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xaf, 0x05,
+0x7d, 0x39, 0x6e, 0xe8, 0x4f, 0xb7, 0x5f, 0xdb, 0xb5, 0xc2, 0xb1, 0x3c, 0x7f,
+0xe5, 0xa6, 0x54, 0xaa, 0x8a, 0xa2, 0x47, 0x0b, 0x54, 0x1e, 0xe1, 0xfe, 0xb0,
+0xb1, 0x2d, 0x25, 0xc7, 0x97, 0x11, 0x53, 0x12, 0x49, 0xe1, 0x12, 0x96, 0x28,
+0x04, 0x2d, 0xbb, 0xb6, 0xc1, 0x20, 0xd1, 0x44, 0x35, 0x24, 0xef, 0x4c, 0x0e,
+0x6e, 0x1d, 0x89, 0x56, 0xee, 0xb2, 0x07, 0x7a, 0xf1, 0x23, 0x49, 0xdd, 0xee,
+0xe5, 0x44, 0x83, 0xbc, 0x06, 0xc2, 0xc6, 0x19, 0x48, 0xcd, 0x02, 0xb2, 0x02,
+0xe7, 0x96, 0xae, 0xbd, 0x94, 0xd3, 0xa7, 0xcb, 0xf8, 0x59, 0xc2, 0xc1, 0x81,
+0x9c, 0x32, 0x4c, 0xb8, 0x2b, 0x9c, 0xd3, 0x4e, 0xde, 0x26, 0x3a, 0x2a, 0xbf,
+0xfe, 0x47, 0x33, 0xf0, 0x77, 0x86, 0x9e, 0x86, 0x60, 0xf7, 0xd6, 0x83, 0x4d,
+0xa5, 0x3d, 0x69, 0x0e, 0xf7, 0x98, 0x5f, 0x6b, 0xc3, 0x02, 0x03, 0x01, 0x00,
+0x01, 0x02, 0x81, 0x81, 0x00, 0x87, 0x4b, 0xf0, 0xff, 0xc2, 0xf2, 0xa7, 0x1d,
+0x14, 0x67, 0x1d, 0xdd, 0x01, 0x71, 0xc9, 0x54, 0xd7, 0xfd, 0xbf, 0x50, 0x28,
+0x1e, 0x4f, 0x6d, 0x99, 0xea, 0x0e, 0x1e, 0xbc, 0xf8, 0x2f, 0xaa, 0x58, 0xe7,
+0xb5, 0x95, 0xff, 0xb2, 0x93, 0xd1, 0xab, 0xe1, 0x7f, 0x11, 0x0b, 0x37, 0xc4,
+0x8c, 0xc0, 0xf3, 0x6c, 0x37, 0xe8, 0x4d, 0x87, 0x66, 0x21, 0xd3, 0x27, 0xf6,
+0x4b, 0xbe, 0x08, 0x45, 0x7d, 0x3e, 0xc4, 0x09, 0x8b, 0xa2, 0xfa, 0x0a, 0x31,
+0x9f, 0xba, 0x41, 0x1c, 0x28, 0x41, 0xed, 0x7b, 0xe8, 0x31, 0x96, 0xa8, 0xcd,
+0xf9, 0xda, 0xa5, 0xd0, 0x06, 0x94, 0xbc, 0x33, 0x5f, 0xc4, 0xc3, 0x22, 0x17,
+0xfe, 0x04, 0x88, 0xbc, 0xe9, 0xcb, 0x72, 0x02, 0xe5, 0x94, 0x68, 0xb1, 0xea,
+0xd1, 0x19, 0x00, 0x04, 0x77, 0xdb, 0x2c, 0xa7, 0x97, 0xfa, 0xc1, 0x9e, 0xda,
+0x3f, 0x58, 0xc1, 0x02, 0x41, 0x00, 0xe2, 0xab, 0x76, 0x08, 0x41, 0xbb, 0x9d,
+0x30, 0xa8, 0x1d, 0x22, 0x2d, 0xe1, 0xeb, 0x73, 0x81, 0xd8, 0x22, 0x14, 0x40,
+0x7f, 0x1b, 0x97, 0x5c, 0xbb, 0xfe, 0x4e, 0x1a, 0x94, 0x67, 0xfd, 0x98, 0xad,
+0xbd, 0x78, 0xf6, 0x07, 0x83, 0x6c, 0xa5, 0xbe, 0x19, 0x28, 0xb9, 0xd1, 0x60,
+0xd9, 0x7f, 0xd4, 0x5c, 0x12, 0xd6, 0xb5, 0x2e, 0x2c, 0x98, 0x71, 0xa1, 0x74,
+0xc6, 0x6b, 0x48, 0x81, 0x13, 0x02, 0x41, 0x00, 0xc5, 0xab, 0x27, 0x60, 0x21,
+0x59, 0xae, 0x7d, 0x6f, 0x20, 0xc3, 0xc2, 0xee, 0x85, 0x1e, 0x46, 0xdc, 0x11,
+0x2e, 0x68, 0x9e, 0x28, 0xd5, 0xfc, 0xbb, 0xf9, 0x90, 0xa9, 0x9e, 0xf8, 0xa9,
+0x0b, 0x8b, 0xb4, 0x4f, 0xd3, 0x64, 0x67, 0xe7, 0xfc, 0x17, 0x89, 0xce, 0xb6,
+0x63, 0xab, 0xda, 0x33, 0x86, 0x52, 0xc3, 0xc7, 0x3f, 0x11, 0x17, 0x74, 0x90,
+0x2e, 0x84, 0x05, 0x65, 0x92, 0x70, 0x91, 0x02, 0x41, 0x00, 0xb6, 0xcd, 0xbd,
+0x35, 0x4f, 0x7d, 0xf5, 0x79, 0xa6, 0x3b, 0x48, 0xb3, 0x64, 0x3e, 0x35, 0x3b,
+0x84, 0x89, 0x87, 0x77, 0xb4, 0x8b, 0x15, 0xf9, 0x4e, 0x0b, 0xfc, 0x05, 0x67,
+0xa6, 0xae, 0x59, 0x11, 0xd5, 0x7a, 0xd6, 0x40, 0x9c, 0xf7, 0x64, 0x7b, 0xf9,
+0x62, 0x64, 0xe9, 0xbd, 0x87, 0xeb, 0x95, 0xe2, 0x63, 0xb7, 0x11, 0x0b, 0x9a,
+0x1f, 0x9f, 0x94, 0xac, 0xce, 0xd0, 0xfa, 0xfa, 0x4d, 0x02, 0x40, 0x71, 0x19,
+0x5e, 0xec, 0x37, 0xe8, 0xd2, 0x57, 0xde, 0xcf, 0xc6, 0x72, 0xb0, 0x7a, 0xe6,
+0x39, 0xf1, 0x0c, 0xbb, 0x9b, 0x0c, 0x73, 0x9d, 0x0c, 0x80, 0x99, 0x68, 0xd6,
+0x44, 0xa9, 0x4e, 0x3f, 0xd6, 0xed, 0x92, 0x87, 0x07, 0x7a, 0x14, 0x58, 0x3f,
+0x37, 0x90, 0x58, 0xf7, 0x6a, 0x8a, 0xec, 0xd4, 0x3c, 0x62, 0xdc, 0x8c, 0x0f,
+0x41, 0x76, 0x66, 0x50, 0xd7, 0x25, 0x27, 0x5a, 0xc4, 0xa1, 0x02, 0x41, 0x00,
+0xbb, 0x32, 0xd1, 0x33, 0xed, 0xc2, 0xe0, 0x48, 0xd4, 0x63, 0x38, 0x8b, 0x7b,
+0xe9, 0xcb, 0x4b, 0xe2, 0x9f, 0x4b, 0x62, 0x50, 0xbe, 0x60, 0x3e, 0x70, 0xe3,
+0x64, 0x75, 0x01, 0xc9, 0x7d, 0xdd, 0xe2, 0x0a, 0x4e, 0x71, 0xbe, 0x95, 0xfd,
+0x5e, 0x71, 0x78, 0x4e, 0x25, 0xac, 0xa4, 0xba, 0xf2, 0x5b, 0xe5, 0x73, 0x8a,
+0xae, 0x59, 0xbb, 0xfe, 0x1c, 0x99, 0x77, 0x81, 0x44, 0x7a, 0x2b, 0x24};
+
+static test_data check1[] = {
+{"Test psa_asymmetric_decrypt - RSA KEYPAIR PKCS1V15\n", 1, PSA_KEY_TYPE_RSA_KEYPAIR,
+{0}, 610, PSA_KEY_USAGE_DECRYPT, PSA_ALG_RSA_PKCS1V15_CRYPT,
+{0}, 0,
+{0x99, 0xff, 0xde, 0x2f, 0xcc, 0x00, 0xc9, 0xcc, 0x01, 0x97, 0x2e, 0xbf, 0xa7,
+ 0x77, 0x9b, 0x29, 0x8d, 0xbb, 0xaf, 0x7f, 0x50, 0x70, 0x7a, 0x74, 0x05, 0x29,
+ 0x6d, 0xd2, 0x78, 0x34, 0x56, 0xfc, 0x79, 0x20, 0x02, 0xf4, 0x62, 0xe7, 0x60,
+ 0x50, 0x0e, 0x02, 0xaf, 0xa2, 0x5a, 0x85, 0x9a, 0xce, 0x87, 0x01, 0xcb, 0x5d,
+ 0x3b, 0x02, 0x62, 0x11, 0x64, 0x31, 0xc4, 0x3a, 0xf8, 0xeb, 0x08, 0xf5, 0xa8,
+ 0x83, 0x01, 0x05, 0x7c, 0xf1, 0xc1, 0x56, 0xa2, 0xa5, 0x19, 0x3c, 0x14, 0x3e,
+ 0x7a, 0x5b, 0x03, 0xfa, 0xc1, 0x32, 0xb7, 0xe8, 0x9e, 0x6d, 0xcd, 0x8f, 0x4c,
+ 0x82, 0xc9, 0xb2, 0x84, 0x52, 0x32, 0x9c, 0x26, 0x0d, 0x30, 0xbc, 0x39, 0xb3,
+ 0x81, 0x6b, 0x7c, 0x46, 0xb4, 0x1b, 0x37, 0xb4, 0x85, 0x0d, 0x2a, 0xe7, 0x4e,
+ 0x72, 0x9f, 0x99, 0xc6, 0x62, 0x1f, 0xbb, 0xe2, 0xe4, 0x68, 0x72},
+ 128, 128,
+{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
+ 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10,
+ 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad},
+ 32, 1024, PSA_SUCCESS
+},
+
+{"Test psa_asymmetric_decrypt - RSA KEYPAIR OAEP SHA256\n", 2, PSA_KEY_TYPE_RSA_KEYPAIR,
+{0}, 610, PSA_KEY_USAGE_DECRYPT, PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256),
+{0}, 0,
+{0x3d, 0x31, 0x46, 0xb1, 0xc9, 0x82, 0x00, 0x42, 0x73, 0xa9, 0xeb, 0xb9, 0xb0,
+ 0x63, 0xe6, 0xae, 0x53, 0xb1, 0xa8, 0x5b, 0xfc, 0x80, 0x23, 0x24, 0xbc, 0xdd,
+ 0x04, 0xfa, 0xa0, 0xf7, 0x21, 0x1f, 0xb2, 0xbd, 0xee, 0xa4, 0x03, 0x58, 0x09,
+ 0x55, 0x54, 0xdf, 0x9c, 0x25, 0x08, 0x66, 0xc7, 0x36, 0x1e, 0x73, 0x8f, 0x0d,
+ 0x27, 0x0e, 0xaa, 0x27, 0x73, 0x8e, 0x87, 0x92, 0x8c, 0x5e, 0x31, 0x81, 0x55,
+ 0x06, 0x34, 0x67, 0x27, 0x90, 0x0f, 0xf0, 0x3c, 0xef, 0x0b, 0xe6, 0xf9, 0xdd,
+ 0x6b, 0xba, 0x63, 0xce, 0x89, 0x07, 0x4e, 0x81, 0x94, 0xfe, 0x68, 0xb5, 0xa5,
+ 0x73, 0x94, 0x22, 0xd4, 0xf1, 0x38, 0xbb, 0xbb, 0x61, 0xf4, 0x9b, 0x76, 0xcf,
+ 0x1f, 0x18, 0xde, 0xf2, 0xc9, 0x93, 0xe3, 0x11, 0x3b, 0x08, 0xc1, 0x91, 0xea,
+ 0x1d, 0xa0, 0xfe, 0xb9, 0x4f, 0x8f, 0xd9, 0xb3, 0x01, 0x09, 0xa1},
+ 128, 128,
+{0},
+ 0, 1024, PSA_SUCCESS
+},
+
+{"Test psa_asymmetric_decrypt - RSA KEYPAIR OAEP SHA256 with label\n", 3,
+ PSA_KEY_TYPE_RSA_KEYPAIR,
+{0}, 610, PSA_KEY_USAGE_DECRYPT, PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256),
+{0x74, 0x68, 0x69, 0x73, 0x00, 0x69, 0x73, 0x00, 0x61, 0x00, 0x6c, 0x61, 0x62,
+ 0x65, 0x6c, 0x00}, 16,
+{0x46, 0xed, 0xc9, 0x98, 0x4a, 0x6d, 0x4b, 0x7c, 0x7f, 0xd8, 0x8f, 0xda, 0x9e,
+ 0xa9, 0x1d, 0xdb, 0xd3, 0x0b, 0x28, 0xa0, 0x79, 0x3c, 0xc7, 0x5a, 0x9f, 0xcd,
+ 0xd9, 0x4d, 0x86, 0x7c, 0x69, 0x09, 0x0a, 0x69, 0x7d, 0x46, 0xa6, 0xf3, 0x36,
+ 0xa3, 0xe4, 0x8a, 0x12, 0x2d, 0xd3, 0xee, 0x3b, 0x51, 0x56, 0x6b, 0x44, 0x5f,
+ 0xf7, 0x8a, 0xdb, 0x61, 0x3d, 0x09, 0xb7, 0xd8, 0xc5, 0x9c, 0x25, 0xa2, 0x7d,
+ 0x8c, 0xf7, 0xf5, 0xe3, 0x64, 0x55, 0xf2, 0xe7, 0x1f, 0xf6, 0xc6, 0xee, 0x98,
+ 0xd5, 0x74, 0x0e, 0x66, 0xb2, 0x37, 0x94, 0xac, 0xc7, 0x29, 0x06, 0x56, 0x19,
+ 0x51, 0xc2, 0xbe, 0x50, 0x64, 0xf6, 0xa2, 0x50, 0x64, 0x6a, 0xb6, 0x27, 0xec,
+ 0xbf, 0xa4, 0x8c, 0x02, 0xf8, 0x2c, 0x29, 0xfe, 0x9b, 0x8c, 0x8e, 0x6b, 0xe8,
+ 0xeb, 0x75, 0x24, 0x32, 0x12, 0x49, 0x74, 0x37, 0x3b, 0x54, 0x2c},
+ 128, 128,
+{0x74, 0x68, 0x69, 0x73, 0x20, 0x69, 0x73, 0x20, 0x6e, 0x6f, 0x20, 0x73, 0x71,
+ 0x75, 0x65, 0x61, 0x6d, 0x69, 0x73, 0x68, 0x20, 0x6f, 0x73, 0x73, 0x69, 0x66,
+ 0x72, 0x61, 0x67, 0x65},
+ 30, 1024, PSA_SUCCESS
+},
+
+{"Test psa_asymmetric_decrypt - Invalid key type (RSA public key)\n", 4,
+PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+{0}, 162, PSA_KEY_USAGE_DECRYPT, PSA_ALG_RSA_PKCS1V15_CRYPT,
+{0}, 0,
+{0x3d, 0x31, 0x46, 0xb1, 0xc9, 0x82, 0x00, 0x42, 0x73, 0xa9, 0xeb, 0xb9, 0xb0,
+ 0x63, 0xe6, 0xae, 0x53, 0xb1, 0xa8, 0x5b, 0xfc, 0x80, 0x23, 0x24, 0xbc, 0xdd,
+ 0x04, 0xfa, 0xa0, 0xf7, 0x21, 0x1f, 0xb2, 0xbd, 0xee, 0xa4, 0x03, 0x58, 0x09,
+ 0x55, 0x54, 0xdf, 0x9c, 0x25, 0x08, 0x66, 0xc7, 0x36, 0x1e, 0x73, 0x8f, 0x0d,
+ 0x27, 0x0e, 0xaa, 0x27, 0x73, 0x8e, 0x87, 0x92, 0x8c, 0x5e, 0x31, 0x81, 0x55,
+ 0x06, 0x34, 0x67, 0x27, 0x90, 0x0f, 0xf0, 0x3c, 0xef, 0x0b, 0xe6, 0xf9, 0xdd,
+ 0x6b, 0xba, 0x63, 0xce, 0x89, 0x07, 0x4e, 0x81, 0x94, 0xfe, 0x68, 0xb5, 0xa5,
+ 0x73, 0x94, 0x22, 0xd4, 0xf1, 0x38, 0xbb, 0xbb, 0x61, 0xf4, 0x9b, 0x76, 0xcf,
+ 0x1f, 0x18, 0xde, 0xf2, 0xc9, 0x93, 0xe3, 0x11, 0x3b, 0x08, 0xc1, 0x91, 0xea,
+ 0x1d, 0xa0, 0xfe, 0xb9, 0x4f, 0x8f, 0xd9, 0xb3, 0x01, 0x09, 0xa1},
+ 128, 128,
+{0},
+ 0, 1024, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_asymmetric_decrypt - Small output buffer\n", 5, PSA_KEY_TYPE_RSA_KEYPAIR,
+{0}, 610, PSA_KEY_USAGE_DECRYPT, PSA_ALG_RSA_PKCS1V15_CRYPT,
+{0}, 0,
+{0x99, 0xff, 0xde, 0x2f, 0xcc, 0x00, 0xc9, 0xcc, 0x01, 0x97, 0x2e, 0xbf, 0xa7,
+ 0x77, 0x9b, 0x29, 0x8d, 0xbb, 0xaf, 0x7f, 0x50, 0x70, 0x7a, 0x74, 0x05, 0x29,
+ 0x6d, 0xd2, 0x78, 0x34, 0x56, 0xfc, 0x79, 0x20, 0x02, 0xf4, 0x62, 0xe7, 0x60,
+ 0x50, 0x0e, 0x02, 0xaf, 0xa2, 0x5a, 0x85, 0x9a, 0xce, 0x87, 0x01, 0xcb, 0x5d,
+ 0x3b, 0x02, 0x62, 0x11, 0x64, 0x31, 0xc4, 0x3a, 0xf8, 0xeb, 0x08, 0xf5, 0xa8,
+ 0x83, 0x01, 0x05, 0x7c, 0xf1, 0xc1, 0x56, 0xa2, 0xa5, 0x19, 0x3c, 0x14, 0x3e,
+ 0x7a, 0x5b, 0x03, 0xfa, 0xc1, 0x32, 0xb7, 0xe8, 0x9e, 0x6d, 0xcd, 0x8f, 0x4c,
+ 0x82, 0xc9, 0xb2, 0x84, 0x52, 0x32, 0x9c, 0x26, 0x0d, 0x30, 0xbc, 0x39, 0xb3,
+ 0x81, 0x6b, 0x7c, 0x46, 0xb4, 0x1b, 0x37, 0xb4, 0x85, 0x0d, 0x2a, 0xe7, 0x4e,
+ 0x72, 0x9f, 0x99, 0xc6, 0x62, 0x1f, 0xbb, 0xe2, 0xe4, 0x68, 0x72},
+ 128, 30,
+{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
+ 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10,
+ 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad},
+ 32, 1024, PSA_ERROR_BUFFER_TOO_SMALL
+},
+
+{"Test psa_asymmetric_decrypt - Invalid algorithm\n", 6, PSA_KEY_TYPE_RSA_KEYPAIR,
+{0}, 610, PSA_KEY_USAGE_DECRYPT, PSA_ALG_SHA_256,
+{0}, 0,
+{0x99, 0xff, 0xde, 0x2f, 0xcc, 0x00, 0xc9, 0xcc, 0x01, 0x97, 0x2e, 0xbf, 0xa7,
+ 0x77, 0x9b, 0x29, 0x8d, 0xbb, 0xaf, 0x7f, 0x50, 0x70, 0x7a, 0x74, 0x05, 0x29,
+ 0x6d, 0xd2, 0x78, 0x34, 0x56, 0xfc, 0x79, 0x20, 0x02, 0xf4, 0x62, 0xe7, 0x60,
+ 0x50, 0x0e, 0x02, 0xaf, 0xa2, 0x5a, 0x85, 0x9a, 0xce, 0x87, 0x01, 0xcb, 0x5d,
+ 0x3b, 0x02, 0x62, 0x11, 0x64, 0x31, 0xc4, 0x3a, 0xf8, 0xeb, 0x08, 0xf5, 0xa8,
+ 0x83, 0x01, 0x05, 0x7c, 0xf1, 0xc1, 0x56, 0xa2, 0xa5, 0x19, 0x3c, 0x14, 0x3e,
+ 0x7a, 0x5b, 0x03, 0xfa, 0xc1, 0x32, 0xb7, 0xe8, 0x9e, 0x6d, 0xcd, 0x8f, 0x4c,
+ 0x82, 0xc9, 0xb2, 0x84, 0x52, 0x32, 0x9c, 0x26, 0x0d, 0x30, 0xbc, 0x39, 0xb3,
+ 0x81, 0x6b, 0x7c, 0x46, 0xb4, 0x1b, 0x37, 0xb4, 0x85, 0x0d, 0x2a, 0xe7, 0x4e,
+ 0x72, 0x9f, 0x99, 0xc6, 0x62, 0x1f, 0xbb, 0xe2, 0xe4, 0x68, 0x72},
+ 128, 128,
+{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
+ 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10,
+ 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad},
+ 32, 1024, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_asymmetric_decrypt - Invalid key type (AES Key)\n", 7, PSA_KEY_TYPE_AES,
+{0x30, 0x82, 0x02, 0x5e, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xaf, 0x05,
+ 0x7d, 0x39, 0x6e}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_RSA_PKCS1V15_CRYPT,
+{0}, 0,
+{0x99, 0xff, 0xde, 0x2f, 0xcc, 0x00, 0xc9, 0xcc, 0x01, 0x97, 0x2e, 0xbf, 0xa7,
+ 0x77, 0x9b, 0x29, 0x8d, 0xbb, 0xaf, 0x7f, 0x50, 0x70, 0x7a, 0x74, 0x05, 0x29,
+ 0x6d, 0xd2, 0x78, 0x34, 0x56, 0xfc, 0x79, 0x20, 0x02, 0xf4, 0x62, 0xe7, 0x60,
+ 0x50, 0x0e, 0x02, 0xaf, 0xa2, 0x5a, 0x85, 0x9a, 0xce, 0x87, 0x01, 0xcb, 0x5d,
+ 0x3b, 0x02, 0x62, 0x11, 0x64, 0x31, 0xc4, 0x3a, 0xf8, 0xeb, 0x08, 0xf5, 0xa8,
+ 0x83, 0x01, 0x05, 0x7c, 0xf1, 0xc1, 0x56, 0xa2, 0xa5, 0x19, 0x3c, 0x14, 0x3e,
+ 0x7a, 0x5b, 0x03, 0xfa, 0xc1, 0x32, 0xb7, 0xe8, 0x9e, 0x6d, 0xcd, 0x8f, 0x4c,
+ 0x82, 0xc9, 0xb2, 0x84, 0x52, 0x32, 0x9c, 0x26, 0x0d, 0x30, 0xbc, 0x39, 0xb3,
+ 0x81, 0x6b, 0x7c, 0x46, 0xb4, 0x1b, 0x37, 0xb4, 0x85, 0x0d, 0x2a, 0xe7, 0x4e,
+ 0x72, 0x9f, 0x99, 0xc6, 0x62, 0x1f, 0xbb, 0xe2, 0xe4, 0x68, 0x72},
+ 128, 128,
+{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
+ 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10,
+ 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad},
+ 32, BYTES_TO_BITS(AES_16B_KEY_SIZE), PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_asymmetric_decrypt - Invalid usage\n", 8, PSA_KEY_TYPE_RSA_KEYPAIR,
+{0}, 610, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_RSA_PKCS1V15_CRYPT,
+{0}, 0,
+{0x99, 0xff, 0xde, 0x2f, 0xcc, 0x00, 0xc9, 0xcc, 0x01, 0x97, 0x2e, 0xbf, 0xa7,
+ 0x77, 0x9b, 0x29, 0x8d, 0xbb, 0xaf, 0x7f, 0x50, 0x70, 0x7a, 0x74, 0x05, 0x29,
+ 0x6d, 0xd2, 0x78, 0x34, 0x56, 0xfc, 0x79, 0x20, 0x02, 0xf4, 0x62, 0xe7, 0x60,
+ 0x50, 0x0e, 0x02, 0xaf, 0xa2, 0x5a, 0x85, 0x9a, 0xce, 0x87, 0x01, 0xcb, 0x5d,
+ 0x3b, 0x02, 0x62, 0x11, 0x64, 0x31, 0xc4, 0x3a, 0xf8, 0xeb, 0x08, 0xf5, 0xa8,
+ 0x83, 0x01, 0x05, 0x7c, 0xf1, 0xc1, 0x56, 0xa2, 0xa5, 0x19, 0x3c, 0x14, 0x3e,
+ 0x7a, 0x5b, 0x03, 0xfa, 0xc1, 0x32, 0xb7, 0xe8, 0x9e, 0x6d, 0xcd, 0x8f, 0x4c,
+ 0x82, 0xc9, 0xb2, 0x84, 0x52, 0x32, 0x9c, 0x26, 0x0d, 0x30, 0xbc, 0x39, 0xb3,
+ 0x81, 0x6b, 0x7c, 0x46, 0xb4, 0x1b, 0x37, 0xb4, 0x85, 0x0d, 0x2a, 0xe7, 0x4e,
+ 0x72, 0x9f, 0x99, 0xc6, 0x62, 0x1f, 0xbb, 0xe2, 0xe4, 0x68, 0x72},
+ 128, 128,
+{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
+ 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10,
+ 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad},
+ 32, 1024, PSA_ERROR_NOT_PERMITTED
+},
+};
+
+static test_data check2[] = {
+{"Test psa_asymmetric_decrypt - Negative case\n", 1, PSA_KEY_TYPE_RSA_KEYPAIR,
+{0}, 610, PSA_KEY_USAGE_DECRYPT, PSA_ALG_RSA_PKCS1V15_CRYPT,
+{0}, 0,
+{0x99, 0xff, 0xde, 0x2f, 0xcc, 0x00, 0xc9, 0xcc, 0x01, 0x97, 0x2e, 0xbf, 0xa7,
+ 0x77, 0x9b, 0x29, 0x8d, 0xbb, 0xaf, 0x7f, 0x50, 0x70, 0x7a, 0x74, 0x05, 0x29,
+ 0x6d, 0xd2, 0x78, 0x34, 0x56, 0xfc, 0x79, 0x20, 0x02, 0xf4, 0x62, 0xe7, 0x60,
+ 0x50, 0x0e, 0x02, 0xaf, 0xa2, 0x5a, 0x85, 0x9a, 0xce, 0x87, 0x01, 0xcb, 0x5d,
+ 0x3b, 0x02, 0x62, 0x11, 0x64, 0x31, 0xc4, 0x3a, 0xf8, 0xeb, 0x08, 0xf5, 0xa8,
+ 0x83, 0x01, 0x05, 0x7c, 0xf1, 0xc1, 0x56, 0xa2, 0xa5, 0x19, 0x3c, 0x14, 0x3e,
+ 0x7a, 0x5b, 0x03, 0xfa, 0xc1, 0x32, 0xb7, 0xe8, 0x9e, 0x6d, 0xcd, 0x8f, 0x4c,
+ 0x82, 0xc9, 0xb2, 0x84, 0x52, 0x32, 0x9c, 0x26, 0x0d, 0x30, 0xbc, 0x39, 0xb3,
+ 0x81, 0x6b, 0x7c, 0x46, 0xb4, 0x1b, 0x37, 0xb4, 0x85, 0x0d, 0x2a, 0xe7, 0x4e,
+ 0x72, 0x9f, 0x99, 0xc6, 0x62, 0x1f, 0xbb, 0xe2, 0xe4, 0x68, 0x72},
+ 128, 128,
+{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
+ 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10,
+ 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad},
+ 32, 1024, PSA_SUCCESS
+},
+};
diff --git a/api-tests/dev_apis/crypto/test_c040/test_entry.c b/api-tests/dev_apis/crypto/test_c040/test_entry.c
new file mode 100644
index 0000000..7b36aed
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c040/test_entry.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c040.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 40)
+#define TEST_DESC "Testing crypto asymmetric APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c040_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c041/source.mk b/api-tests/dev_apis/crypto/test_c041/source.mk
new file mode 100644
index 0000000..cad0302
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c041/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c041.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c041/test_c041.c b/api-tests/dev_apis/crypto/test_c041/test_c041.c
new file mode 100644
index 0000000..6aeaad7
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c041/test_c041.c
@@ -0,0 +1,201 @@
+
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c041.h"
+#include "test_data.h"
+
+client_test_t test_c041_crypto_list[] = {
+ NULL,
+ psa_asymmetric_sign_test,
+ psa_asymmetric_sign_negative_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+static uint8_t signature[SIZE_128B];
+
+int32_t psa_asymmetric_sign_test(security_t caller)
+{
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
+ uint8_t *key_data;
+ size_t length;
+ psa_key_policy_t policy;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+
+ memset(signature, 0, sizeof(signature));
+
+ /* Set the key data based on key type */
+ if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
+ {
+ if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keypair;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keypair;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(128))
+ key_data = rsa_128_keypair;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ else
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keydata;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keydata;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(128))
+ key_data = rsa_128_keydata;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ }
+ else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
+ {
+ if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
+ key_data = ec_keypair;
+ else
+ key_data = ec_keydata;
+ }
+ else
+ key_data = check1[i].key_data;
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle,
+ &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
+ check1[i].key_type, key_data, check1[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Sign a hash or short message with a private key */
+ status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_SIGN, check1[i].key_handle,
+ check1[i].key_alg, check1[i].input, check1[i].input_length,
+ signature, check1[i].signature_size, &length);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ continue;
+
+ /* Check if the output length matches with the expected length */
+ TEST_ASSERT_EQUAL(length, check1[i].expected_signature_length, TEST_CHECKPOINT_NUM(7));
+
+ /* Check if the output matches with the expected data */
+ TEST_ASSERT_MEMCMP(signature, check1[i].expected_signature, length, TEST_CHECKPOINT_NUM(8));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_asymmetric_sign_negative_test(security_t caller)
+{
+ int num_checks = sizeof(check2)/sizeof(check2[0]);
+ int32_t i, status;
+ size_t length;
+ psa_key_policy_t policy;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] Test psa_asymmetric_sign - Invalid key handle\n",
+ g_test_count++);
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
+ check2[i].key_alg);
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_asymmetric_sign - Invalid key handle\n",
+ g_test_count++);
+ /* Sign a hash or short message with a private key */
+ status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_SIGN, check2[i].key_handle,
+ check2[i].key_alg, check2[i].input, check2[i].input_length,
+ signature, check2[i].signature_size, &length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_asymmetric_sign - zero as key handle\n",
+ g_test_count++);
+ /* Sign a hash or short message with a private key */
+ status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_SIGN, 0,
+ check2[i].key_alg, check2[i].input, check2[i].input_length,
+ signature, check2[i].signature_size, &length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_asymmetric_sign - Empty key handle\n",
+ g_test_count++);
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check2[i].key_type,
+ check2[i].key_length, &check2[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle,
+ &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ /* Sign a hash or short message with a private key */
+ status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_SIGN, check2[i].key_handle,
+ check2[i].key_alg, check2[i].input, check2[i].input_length,
+ signature, check2[i].signature_size, &length);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_EMPTY_SLOT, TEST_CHECKPOINT_NUM(7));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
diff --git a/api-tests/dev_apis/crypto/test_c041/test_c041.h b/api-tests/dev_apis/crypto/test_c041/test_c041.h
new file mode 100644
index 0000000..11f8074
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c041/test_c041.h
@@ -0,0 +1,31 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C041_CLIENT_TESTS_H_
+#define _TEST_C041_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_,c041)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c041_crypto_list[];
+
+int32_t psa_asymmetric_sign_test(security_t caller);
+int32_t psa_asymmetric_sign_negative_test(security_t caller);
+#endif /* _TEST_C041_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c041/test_data.h b/api-tests/dev_apis/crypto/test_c041/test_data.h
new file mode 100644
index 0000000..4077a33
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c041/test_data.h
@@ -0,0 +1,289 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[16];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ uint8_t input[32];
+ size_t input_length;
+ size_t signature_size;
+ uint8_t expected_signature[128];
+ size_t expected_signature_length;
+ size_t expected_bit_length;
+ psa_status_t expected_status;
+} test_data;
+
+static uint8_t rsa_384_keypair[1];
+static uint8_t rsa_384_keydata[1];
+static uint8_t rsa_256_keypair[1];
+static uint8_t rsa_256_keydata[1];
+static uint8_t ec_keydata[1];
+
+static uint8_t ec_keypair[] = {
+ 0x30, 0x78, 0x02, 0x01, 0x01, 0x04, 0x21, 0x00, 0xab, 0x45, 0x43, 0x57, 0x12, 0x64,
+ 0x9c, 0xb3, 0x0b, 0xbd, 0xda, 0xc4, 0x91, 0x97, 0xee, 0xbf, 0x27, 0x40, 0xff, 0xc7,
+ 0xf8, 0x74, 0xd9, 0x24, 0x4c, 0x34, 0x60, 0xf5, 0x4f, 0x32, 0x2d, 0x3a, 0xa0, 0x0a,
+ 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42,
+ 0x00, 0x04, 0xde, 0xa5, 0xe4, 0x5d, 0x0e, 0xa3, 0x7f, 0xc5, 0x66, 0x23, 0x2a, 0x50,
+ 0x8f, 0x4a, 0xd2, 0x0e, 0xa1, 0x3d, 0x47, 0xe4, 0xbf, 0x5f, 0xa4, 0xd5, 0x4a, 0x57,
+ 0xa0, 0xba, 0x01, 0x20, 0x42, 0x08, 0x70, 0x97, 0x49, 0x6e, 0xfc, 0x58, 0x3f, 0xed,
+ 0x8b, 0x24, 0xa5, 0xb9, 0xbe, 0x9a, 0x51, 0xde, 0x06, 0x3f, 0x5a, 0x00, 0xa8, 0xb6,
+ 0x98, 0xa1, 0x6f, 0xd7, 0xf2, 0x9b, 0x54, 0x85, 0xf3, 0x20};
+
+static uint8_t rsa_128_keydata[] = {
+ 0x30, 0x81, 0x9f, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
+ 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x81, 0x8d, 0x00, 0x30, 0x81, 0x89, 0x02,
+ 0x81, 0x81, 0x00, 0xaf, 0x05, 0x7d, 0x39, 0x6e, 0xe8, 0x4f, 0xb7, 0x5f, 0xdb,
+ 0xb5, 0xc2, 0xb1, 0x3c, 0x7f, 0xe5, 0xa6, 0x54, 0xaa, 0x8a, 0xa2, 0x47, 0x0b,
+ 0x54, 0x1e, 0xe1, 0xfe, 0xb0, 0xb1, 0x2d, 0x25, 0xc7, 0x97, 0x11, 0x53, 0x12,
+ 0x49, 0xe1, 0x12, 0x96, 0x28, 0x04, 0x2d, 0xbb, 0xb6, 0xc1, 0x20, 0xd1, 0x44,
+ 0x35, 0x24, 0xef, 0x4c, 0x0e, 0x6e, 0x1d, 0x89, 0x56, 0xee, 0xb2, 0x07, 0x7a,
+ 0xf1, 0x23, 0x49, 0xdd, 0xee, 0xe5, 0x44, 0x83, 0xbc, 0x06, 0xc2, 0xc6, 0x19,
+ 0x48, 0xcd, 0x02, 0xb2, 0x02, 0xe7, 0x96, 0xae, 0xbd, 0x94, 0xd3, 0xa7, 0xcb,
+ 0xf8, 0x59, 0xc2, 0xc1, 0x81, 0x9c, 0x32, 0x4c, 0xb8, 0x2b, 0x9c, 0xd3, 0x4e,
+ 0xde, 0x26, 0x3a, 0x2a, 0xbf, 0xfe, 0x47, 0x33, 0xf0, 0x77, 0x86, 0x9e, 0x86,
+ 0x60, 0xf7, 0xd6, 0x83, 0x4d, 0xa5, 0x3d, 0x69, 0x0e, 0xf7, 0x98, 0x5f, 0x6b,
+ 0xc3, 0x02, 0x03, 0x01, 0x00, 0x01};
+
+static uint8_t rsa_128_keypair[] = {
+0x30, 0x82, 0x02, 0x5e, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xaf, 0x05,
+0x7d, 0x39, 0x6e, 0xe8, 0x4f, 0xb7, 0x5f, 0xdb, 0xb5, 0xc2, 0xb1, 0x3c, 0x7f,
+0xe5, 0xa6, 0x54, 0xaa, 0x8a, 0xa2, 0x47, 0x0b, 0x54, 0x1e, 0xe1, 0xfe, 0xb0,
+0xb1, 0x2d, 0x25, 0xc7, 0x97, 0x11, 0x53, 0x12, 0x49, 0xe1, 0x12, 0x96, 0x28,
+0x04, 0x2d, 0xbb, 0xb6, 0xc1, 0x20, 0xd1, 0x44, 0x35, 0x24, 0xef, 0x4c, 0x0e,
+0x6e, 0x1d, 0x89, 0x56, 0xee, 0xb2, 0x07, 0x7a, 0xf1, 0x23, 0x49, 0xdd, 0xee,
+0xe5, 0x44, 0x83, 0xbc, 0x06, 0xc2, 0xc6, 0x19, 0x48, 0xcd, 0x02, 0xb2, 0x02,
+0xe7, 0x96, 0xae, 0xbd, 0x94, 0xd3, 0xa7, 0xcb, 0xf8, 0x59, 0xc2, 0xc1, 0x81,
+0x9c, 0x32, 0x4c, 0xb8, 0x2b, 0x9c, 0xd3, 0x4e, 0xde, 0x26, 0x3a, 0x2a, 0xbf,
+0xfe, 0x47, 0x33, 0xf0, 0x77, 0x86, 0x9e, 0x86, 0x60, 0xf7, 0xd6, 0x83, 0x4d,
+0xa5, 0x3d, 0x69, 0x0e, 0xf7, 0x98, 0x5f, 0x6b, 0xc3, 0x02, 0x03, 0x01, 0x00,
+0x01, 0x02, 0x81, 0x81, 0x00, 0x87, 0x4b, 0xf0, 0xff, 0xc2, 0xf2, 0xa7, 0x1d,
+0x14, 0x67, 0x1d, 0xdd, 0x01, 0x71, 0xc9, 0x54, 0xd7, 0xfd, 0xbf, 0x50, 0x28,
+0x1e, 0x4f, 0x6d, 0x99, 0xea, 0x0e, 0x1e, 0xbc, 0xf8, 0x2f, 0xaa, 0x58, 0xe7,
+0xb5, 0x95, 0xff, 0xb2, 0x93, 0xd1, 0xab, 0xe1, 0x7f, 0x11, 0x0b, 0x37, 0xc4,
+0x8c, 0xc0, 0xf3, 0x6c, 0x37, 0xe8, 0x4d, 0x87, 0x66, 0x21, 0xd3, 0x27, 0xf6,
+0x4b, 0xbe, 0x08, 0x45, 0x7d, 0x3e, 0xc4, 0x09, 0x8b, 0xa2, 0xfa, 0x0a, 0x31,
+0x9f, 0xba, 0x41, 0x1c, 0x28, 0x41, 0xed, 0x7b, 0xe8, 0x31, 0x96, 0xa8, 0xcd,
+0xf9, 0xda, 0xa5, 0xd0, 0x06, 0x94, 0xbc, 0x33, 0x5f, 0xc4, 0xc3, 0x22, 0x17,
+0xfe, 0x04, 0x88, 0xbc, 0xe9, 0xcb, 0x72, 0x02, 0xe5, 0x94, 0x68, 0xb1, 0xea,
+0xd1, 0x19, 0x00, 0x04, 0x77, 0xdb, 0x2c, 0xa7, 0x97, 0xfa, 0xc1, 0x9e, 0xda,
+0x3f, 0x58, 0xc1, 0x02, 0x41, 0x00, 0xe2, 0xab, 0x76, 0x08, 0x41, 0xbb, 0x9d,
+0x30, 0xa8, 0x1d, 0x22, 0x2d, 0xe1, 0xeb, 0x73, 0x81, 0xd8, 0x22, 0x14, 0x40,
+0x7f, 0x1b, 0x97, 0x5c, 0xbb, 0xfe, 0x4e, 0x1a, 0x94, 0x67, 0xfd, 0x98, 0xad,
+0xbd, 0x78, 0xf6, 0x07, 0x83, 0x6c, 0xa5, 0xbe, 0x19, 0x28, 0xb9, 0xd1, 0x60,
+0xd9, 0x7f, 0xd4, 0x5c, 0x12, 0xd6, 0xb5, 0x2e, 0x2c, 0x98, 0x71, 0xa1, 0x74,
+0xc6, 0x6b, 0x48, 0x81, 0x13, 0x02, 0x41, 0x00, 0xc5, 0xab, 0x27, 0x60, 0x21,
+0x59, 0xae, 0x7d, 0x6f, 0x20, 0xc3, 0xc2, 0xee, 0x85, 0x1e, 0x46, 0xdc, 0x11,
+0x2e, 0x68, 0x9e, 0x28, 0xd5, 0xfc, 0xbb, 0xf9, 0x90, 0xa9, 0x9e, 0xf8, 0xa9,
+0x0b, 0x8b, 0xb4, 0x4f, 0xd3, 0x64, 0x67, 0xe7, 0xfc, 0x17, 0x89, 0xce, 0xb6,
+0x63, 0xab, 0xda, 0x33, 0x86, 0x52, 0xc3, 0xc7, 0x3f, 0x11, 0x17, 0x74, 0x90,
+0x2e, 0x84, 0x05, 0x65, 0x92, 0x70, 0x91, 0x02, 0x41, 0x00, 0xb6, 0xcd, 0xbd,
+0x35, 0x4f, 0x7d, 0xf5, 0x79, 0xa6, 0x3b, 0x48, 0xb3, 0x64, 0x3e, 0x35, 0x3b,
+0x84, 0x89, 0x87, 0x77, 0xb4, 0x8b, 0x15, 0xf9, 0x4e, 0x0b, 0xfc, 0x05, 0x67,
+0xa6, 0xae, 0x59, 0x11, 0xd5, 0x7a, 0xd6, 0x40, 0x9c, 0xf7, 0x64, 0x7b, 0xf9,
+0x62, 0x64, 0xe9, 0xbd, 0x87, 0xeb, 0x95, 0xe2, 0x63, 0xb7, 0x11, 0x0b, 0x9a,
+0x1f, 0x9f, 0x94, 0xac, 0xce, 0xd0, 0xfa, 0xfa, 0x4d, 0x02, 0x40, 0x71, 0x19,
+0x5e, 0xec, 0x37, 0xe8, 0xd2, 0x57, 0xde, 0xcf, 0xc6, 0x72, 0xb0, 0x7a, 0xe6,
+0x39, 0xf1, 0x0c, 0xbb, 0x9b, 0x0c, 0x73, 0x9d, 0x0c, 0x80, 0x99, 0x68, 0xd6,
+0x44, 0xa9, 0x4e, 0x3f, 0xd6, 0xed, 0x92, 0x87, 0x07, 0x7a, 0x14, 0x58, 0x3f,
+0x37, 0x90, 0x58, 0xf7, 0x6a, 0x8a, 0xec, 0xd4, 0x3c, 0x62, 0xdc, 0x8c, 0x0f,
+0x41, 0x76, 0x66, 0x50, 0xd7, 0x25, 0x27, 0x5a, 0xc4, 0xa1, 0x02, 0x41, 0x00,
+0xbb, 0x32, 0xd1, 0x33, 0xed, 0xc2, 0xe0, 0x48, 0xd4, 0x63, 0x38, 0x8b, 0x7b,
+0xe9, 0xcb, 0x4b, 0xe2, 0x9f, 0x4b, 0x62, 0x50, 0xbe, 0x60, 0x3e, 0x70, 0xe3,
+0x64, 0x75, 0x01, 0xc9, 0x7d, 0xdd, 0xe2, 0x0a, 0x4e, 0x71, 0xbe, 0x95, 0xfd,
+0x5e, 0x71, 0x78, 0x4e, 0x25, 0xac, 0xa4, 0xba, 0xf2, 0x5b, 0xe5, 0x73, 0x8a,
+0xae, 0x59, 0xbb, 0xfe, 0x1c, 0x99, 0x77, 0x81, 0x44, 0x7a, 0x2b, 0x24};
+
+static test_data check1[] = {
+{"Test psa_asymmetric_sign - RSA KEYPAIR PKCS1V15 RAW\n", 1, PSA_KEY_TYPE_RSA_KEYPAIR,
+{0}, 610, PSA_KEY_USAGE_SIGN, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+{0x61, 0x62, 0x63}, 3, 128,
+{0x2c, 0x77, 0x44, 0x98, 0x3f, 0x02, 0x3a, 0xc7, 0xbb, 0x1c, 0x55, 0x52, 0x9d,
+ 0x83, 0xed, 0x11, 0xa7, 0x6a, 0x78, 0x98, 0xa1, 0xbb, 0x5c, 0xe1, 0x91, 0x37,
+ 0x5a, 0x4a, 0xa7, 0x49, 0x5a, 0x63, 0x3d, 0x27, 0x87, 0x9f, 0xf5, 0x8e, 0xba,
+ 0x5a, 0x57, 0x37, 0x1c, 0x34, 0xfe, 0xb1, 0x18, 0x0e, 0x8b, 0x85, 0x0d, 0x55,
+ 0x24, 0x76, 0xeb, 0xb5, 0x63, 0x4d, 0xf6, 0x20, 0x26, 0x19, 0x92, 0xf1, 0x2e,
+ 0xbe, 0xe9, 0x09, 0x70, 0x41, 0xdb, 0xbe, 0xa8, 0x5a, 0x42, 0xd4, 0x5b, 0x34,
+ 0x4b, 0xe5, 0x07, 0x3c, 0xeb, 0x77, 0x2f, 0xfc, 0x60, 0x49, 0x54, 0xb9, 0x15,
+ 0x8b, 0xa8, 0x1e, 0xc3, 0xdc, 0x4d, 0x9d, 0x65, 0xe3, 0xab, 0x7a, 0xa3, 0x18,
+ 0x16, 0x5f, 0x38, 0xc3, 0x6f, 0x84, 0x1f, 0x1c, 0x69, 0xcb, 0x1c, 0xfa, 0x49,
+ 0x4a, 0xa5, 0xcb, 0xb4, 0xd6, 0xc0, 0xef, 0xba, 0xfb, 0x04, 0x3a},
+ 128, 1024, PSA_SUCCESS
+},
+
+{"Test psa_asymmetric_sign - RSA KEYPAIR PKCS1V15 SHA-256\n", 2, PSA_KEY_TYPE_RSA_KEYPAIR,
+{0}, 610, PSA_KEY_USAGE_SIGN, PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256),
+{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
+ 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10,
+ 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad}, 32, 128,
+{0xa7, 0x36, 0x64, 0xd5, 0x5b, 0x39, 0xc7, 0xea, 0x6c, 0x1e, 0x5b, 0x50, 0x11,
+ 0x72, 0x4a, 0x11, 0xe1, 0xd7, 0x07, 0x3d, 0x3a, 0x68, 0xf4, 0x8c, 0x83, 0x6f,
+ 0xad, 0x15, 0x3a, 0x1d, 0x91, 0xb6, 0xab, 0xdb, 0xc8, 0xf6, 0x9d, 0xa1, 0x3b,
+ 0x20, 0x6c, 0xc9, 0x6a, 0xf6, 0x36, 0x3b, 0x11, 0x44, 0x58, 0xb0, 0x26, 0xaf,
+ 0x14, 0xb2, 0x4f, 0xab, 0x89, 0x29, 0xed, 0x63, 0x4c, 0x6a, 0x2a, 0xca, 0xce,
+ 0x0b, 0xcc, 0x62, 0xd9, 0xbb, 0x6a, 0x98, 0x4a, 0xfb, 0xcb, 0xfc, 0xd3, 0xa0,
+ 0x60, 0x8d, 0x32, 0xa2, 0xba, 0xe5, 0x35, 0xb9, 0xcd, 0x1e, 0xcd, 0xf9, 0xdd,
+ 0x28, 0x1d, 0xb1, 0xe0, 0x02, 0x5c, 0x3b, 0xfb, 0x55, 0x12, 0x96, 0x3e, 0xc3,
+ 0xb9, 0x8d, 0xda, 0xa6, 0x9e, 0x38, 0xbc, 0x3c, 0x84, 0xb1, 0xb6, 0x1a, 0x04,
+ 0xe5, 0x64, 0x86, 0x40, 0x85, 0x6a, 0xac, 0xc6, 0xfc, 0x73, 0x11},
+ 128, 1024, PSA_SUCCESS
+},
+
+{"Test psa_asymmetric_sign - ECDSA SECP256R1 SHA-256\n", 3,
+ PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1), {0}, 122,
+ PSA_KEY_USAGE_SIGN, PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256),
+{0x9a, 0xc4, 0x33, 0x5b, 0x46, 0x9b, 0xbd, 0x79, 0x14, 0x39, 0x24, 0x85, 0x04,
+ 0xdd, 0x0d, 0x49, 0xc7, 0x13, 0x49, 0xa2, 0x95, 0xfe, 0xe5, 0xa1, 0xc6, 0x85,
+ 0x07, 0xf4, 0x5a, 0x9e, 0x1c, 0x7b}, 32, 128,
+{0x6a, 0x33, 0x99, 0xf6, 0x94, 0x21, 0xff, 0xe1, 0x49, 0x03, 0x77, 0xad, 0xf2,
+ 0xea, 0x1f, 0x11, 0x7d, 0x81, 0xa6, 0x3c, 0xf5, 0xbf, 0x22, 0xe9, 0x18, 0xd5,
+ 0x11, 0x75, 0xeb, 0x25, 0x91, 0x51, 0xce, 0x95, 0xd7, 0xc2, 0x6c, 0xc0, 0x4e,
+ 0x25, 0x50, 0x3e, 0x2f, 0x7a, 0x1e, 0xc3, 0x57, 0x3e, 0x3c, 0x24, 0x12, 0x53,
+ 0x4b, 0xb4, 0xa1, 0x9b, 0x3a, 0x78, 0x11, 0x74, 0x2f, 0x49, 0xf5, 0x0f},
+ 64, 512, PSA_SUCCESS
+},
+
+{"Test psa_asymmetric_sign - Invalid key type (RSA public key)\n", 4,
+PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+{0}, 162, PSA_KEY_USAGE_SIGN, PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256),
+{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
+ 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10,
+ 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad}, 32, 128,
+{0xa7, 0x36, 0x64, 0xd5, 0x5b, 0x39, 0xc7, 0xea, 0x6c, 0x1e, 0x5b, 0x50, 0x11,
+ 0x72, 0x4a, 0x11, 0xe1, 0xd7, 0x07, 0x3d, 0x3a, 0x68, 0xf4, 0x8c, 0x83, 0x6f,
+ 0xad, 0x15, 0x3a, 0x1d, 0x91, 0xb6, 0xab, 0xdb, 0xc8, 0xf6, 0x9d, 0xa1, 0x3b,
+ 0x20, 0x6c, 0xc9, 0x6a, 0xf6, 0x36, 0x3b, 0x11, 0x44, 0x58, 0xb0, 0x26, 0xaf,
+ 0x14, 0xb2, 0x4f, 0xab, 0x89, 0x29, 0xed, 0x63, 0x4c, 0x6a, 0x2a, 0xca, 0xce,
+ 0x0b, 0xcc, 0x62, 0xd9, 0xbb, 0x6a, 0x98, 0x4a, 0xfb, 0xcb, 0xfc, 0xd3, 0xa0,
+ 0x60, 0x8d, 0x32, 0xa2, 0xba, 0xe5, 0x35, 0xb9, 0xcd, 0x1e, 0xcd, 0xf9, 0xdd,
+ 0x28, 0x1d, 0xb1, 0xe0, 0x02, 0x5c, 0x3b, 0xfb, 0x55, 0x12, 0x96, 0x3e, 0xc3,
+ 0xb9, 0x8d, 0xda, 0xa6, 0x9e, 0x38, 0xbc, 0x3c, 0x84, 0xb1, 0xb6, 0x1a, 0x04,
+ 0xe5, 0x64, 0x86, 0x40, 0x85, 0x6a, 0xac, 0xc6, 0xfc, 0x73, 0x11},
+ 128, 1024, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_asymmetric_sign - Small output buffer\n", 5, PSA_KEY_TYPE_RSA_KEYPAIR,
+{0}, 610, PSA_KEY_USAGE_SIGN, PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256),
+{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
+ 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10,
+ 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad}, 32, 120,
+{0xa7, 0x36, 0x64, 0xd5, 0x5b, 0x39, 0xc7, 0xea, 0x6c, 0x1e, 0x5b, 0x50, 0x11,
+ 0x72, 0x4a, 0x11, 0xe1, 0xd7, 0x07, 0x3d, 0x3a, 0x68, 0xf4, 0x8c, 0x83, 0x6f,
+ 0xad, 0x15, 0x3a, 0x1d, 0x91, 0xb6, 0xab, 0xdb, 0xc8, 0xf6, 0x9d, 0xa1, 0x3b,
+ 0x20, 0x6c, 0xc9, 0x6a, 0xf6, 0x36, 0x3b, 0x11, 0x44, 0x58, 0xb0, 0x26, 0xaf,
+ 0x14, 0xb2, 0x4f, 0xab, 0x89, 0x29, 0xed, 0x63, 0x4c, 0x6a, 0x2a, 0xca, 0xce,
+ 0x0b, 0xcc, 0x62, 0xd9, 0xbb, 0x6a, 0x98, 0x4a, 0xfb, 0xcb, 0xfc, 0xd3, 0xa0,
+ 0x60, 0x8d, 0x32, 0xa2, 0xba, 0xe5, 0x35, 0xb9, 0xcd, 0x1e, 0xcd, 0xf9, 0xdd,
+ 0x28, 0x1d, 0xb1, 0xe0, 0x02, 0x5c, 0x3b, 0xfb, 0x55, 0x12, 0x96, 0x3e, 0xc3,
+ 0xb9, 0x8d, 0xda, 0xa6, 0x9e, 0x38, 0xbc, 0x3c, 0x84, 0xb1, 0xb6, 0x1a, 0x04,
+ 0xe5, 0x64, 0x86, 0x40, 0x85, 0x6a, 0xac, 0xc6, 0xfc, 0x73, 0x11},
+ 128, 1024, PSA_ERROR_BUFFER_TOO_SMALL
+},
+
+{"Test psa_asymmetric_sign - Invalid algorithm\n", 6, PSA_KEY_TYPE_RSA_KEYPAIR,
+{0}, 610, PSA_KEY_USAGE_SIGN, PSA_ALG_SHA_256,
+{0x61, 0x62, 0x63}, 3, 128,
+{0x2c, 0x77, 0x44, 0x98, 0x3f, 0x02, 0x3a, 0xc7, 0xbb, 0x1c, 0x55, 0x52, 0x9d,
+ 0x83, 0xed, 0x11, 0xa7, 0x6a, 0x78, 0x98, 0xa1, 0xbb, 0x5c, 0xe1, 0x91, 0x37,
+ 0x5a, 0x4a, 0xa7, 0x49, 0x5a, 0x63, 0x3d, 0x27, 0x87, 0x9f, 0xf5, 0x8e, 0xba,
+ 0x5a, 0x57, 0x37, 0x1c, 0x34, 0xfe, 0xb1, 0x18, 0x0e, 0x8b, 0x85, 0x0d, 0x55,
+ 0x24, 0x76, 0xeb, 0xb5, 0x63, 0x4d, 0xf6, 0x20, 0x26, 0x19, 0x92, 0xf1, 0x2e,
+ 0xbe, 0xe9, 0x09, 0x70, 0x41, 0xdb, 0xbe, 0xa8, 0x5a, 0x42, 0xd4, 0x5b, 0x34,
+ 0x4b, 0xe5, 0x07, 0x3c, 0xeb, 0x77, 0x2f, 0xfc, 0x60, 0x49, 0x54, 0xb9, 0x15,
+ 0x8b, 0xa8, 0x1e, 0xc3, 0xdc, 0x4d, 0x9d, 0x65, 0xe3, 0xab, 0x7a, 0xa3, 0x18,
+ 0x16, 0x5f, 0x38, 0xc3, 0x6f, 0x84, 0x1f, 0x1c, 0x69, 0xcb, 0x1c, 0xfa, 0x49,
+ 0x4a, 0xa5, 0xcb, 0xb4, 0xd6, 0xc0, 0xef, 0xba, 0xfb, 0x04, 0x3a},
+ 128, 1024, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_asymmetric_sign - Invalid key type (AES Key)\n", 7, PSA_KEY_TYPE_AES,
+{0x30, 0x82, 0x02, 0x5e, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xaf, 0x05,
+ 0x7d, 0x39, 0x6e}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_SIGN,
+ PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256),
+{0x61, 0x62, 0x63}, 3, 128,
+{0x2c, 0x77, 0x44, 0x98, 0x3f, 0x02, 0x3a, 0xc7, 0xbb, 0x1c, 0x55, 0x52, 0x9d,
+ 0x83, 0xed, 0x11, 0xa7, 0x6a, 0x78, 0x98, 0xa1, 0xbb, 0x5c, 0xe1, 0x91, 0x37,
+ 0x5a, 0x4a, 0xa7, 0x49, 0x5a, 0x63, 0x3d, 0x27, 0x87, 0x9f, 0xf5, 0x8e, 0xba,
+ 0x5a, 0x57, 0x37, 0x1c, 0x34, 0xfe, 0xb1, 0x18, 0x0e, 0x8b, 0x85, 0x0d, 0x55,
+ 0x24, 0x76, 0xeb, 0xb5, 0x63, 0x4d, 0xf6, 0x20, 0x26, 0x19, 0x92, 0xf1, 0x2e,
+ 0xbe, 0xe9, 0x09, 0x70, 0x41, 0xdb, 0xbe, 0xa8, 0x5a, 0x42, 0xd4, 0x5b, 0x34,
+ 0x4b, 0xe5, 0x07, 0x3c, 0xeb, 0x77, 0x2f, 0xfc, 0x60, 0x49, 0x54, 0xb9, 0x15,
+ 0x8b, 0xa8, 0x1e, 0xc3, 0xdc, 0x4d, 0x9d, 0x65, 0xe3, 0xab, 0x7a, 0xa3, 0x18,
+ 0x16, 0x5f, 0x38, 0xc3, 0x6f, 0x84, 0x1f, 0x1c, 0x69, 0xcb, 0x1c, 0xfa, 0x49,
+ 0x4a, 0xa5, 0xcb, 0xb4, 0xd6, 0xc0, 0xef, 0xba, 0xfb, 0x04, 0x3a},
+ 128, BYTES_TO_BITS(AES_16B_KEY_SIZE), PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_asymmetric_sign - Invalid usage\n", 8, PSA_KEY_TYPE_RSA_KEYPAIR,
+{0}, 610, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+{0x61, 0x62, 0x63}, 3, 128,
+{0x2c, 0x77, 0x44, 0x98, 0x3f, 0x02, 0x3a, 0xc7, 0xbb, 0x1c, 0x55, 0x52, 0x9d,
+ 0x83, 0xed, 0x11, 0xa7, 0x6a, 0x78, 0x98, 0xa1, 0xbb, 0x5c, 0xe1, 0x91, 0x37,
+ 0x5a, 0x4a, 0xa7, 0x49, 0x5a, 0x63, 0x3d, 0x27, 0x87, 0x9f, 0xf5, 0x8e, 0xba,
+ 0x5a, 0x57, 0x37, 0x1c, 0x34, 0xfe, 0xb1, 0x18, 0x0e, 0x8b, 0x85, 0x0d, 0x55,
+ 0x24, 0x76, 0xeb, 0xb5, 0x63, 0x4d, 0xf6, 0x20, 0x26, 0x19, 0x92, 0xf1, 0x2e,
+ 0xbe, 0xe9, 0x09, 0x70, 0x41, 0xdb, 0xbe, 0xa8, 0x5a, 0x42, 0xd4, 0x5b, 0x34,
+ 0x4b, 0xe5, 0x07, 0x3c, 0xeb, 0x77, 0x2f, 0xfc, 0x60, 0x49, 0x54, 0xb9, 0x15,
+ 0x8b, 0xa8, 0x1e, 0xc3, 0xdc, 0x4d, 0x9d, 0x65, 0xe3, 0xab, 0x7a, 0xa3, 0x18,
+ 0x16, 0x5f, 0x38, 0xc3, 0x6f, 0x84, 0x1f, 0x1c, 0x69, 0xcb, 0x1c, 0xfa, 0x49,
+ 0x4a, 0xa5, 0xcb, 0xb4, 0xd6, 0xc0, 0xef, 0xba, 0xfb, 0x04, 0x3a},
+ 128, 1024, PSA_ERROR_NOT_PERMITTED
+},
+
+{"Test psa_asymmetric_sign - Wrong hash size\n", 9, PSA_KEY_TYPE_RSA_KEYPAIR,
+{0}, 610, PSA_KEY_USAGE_SIGN, PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256),
+{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
+ 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10,
+ 0xff, 0x61, 0xf2, 0x00}, 30, 128,
+{0xa7, 0x36, 0x64, 0xd5, 0x5b, 0x39, 0xc7, 0xea, 0x6c, 0x1e, 0x5b, 0x50, 0x11,
+ 0x72, 0x4a, 0x11, 0xe1, 0xd7, 0x07, 0x3d, 0x3a, 0x68, 0xf4, 0x8c, 0x83, 0x6f,
+ 0xad, 0x15, 0x3a, 0x1d, 0x91, 0xb6, 0xab, 0xdb, 0xc8, 0xf6, 0x9d, 0xa1, 0x3b,
+ 0x20, 0x6c, 0xc9, 0x6a, 0xf6, 0x36, 0x3b, 0x11, 0x44, 0x58, 0xb0, 0x26, 0xaf,
+ 0x14, 0xb2, 0x4f, 0xab, 0x89, 0x29, 0xed, 0x63, 0x4c, 0x6a, 0x2a, 0xca, 0xce,
+ 0x0b, 0xcc, 0x62, 0xd9, 0xbb, 0x6a, 0x98, 0x4a, 0xfb, 0xcb, 0xfc, 0xd3, 0xa0,
+ 0x60, 0x8d, 0x32, 0xa2, 0xba, 0xe5, 0x35, 0xb9, 0xcd, 0x1e, 0xcd, 0xf9, 0xdd,
+ 0x28, 0x1d, 0xb1, 0xe0, 0x02, 0x5c, 0x3b, 0xfb, 0x55, 0x12, 0x96, 0x3e, 0xc3,
+ 0xb9, 0x8d, 0xda, 0xa6, 0x9e, 0x38, 0xbc, 0x3c, 0x84, 0xb1, 0xb6, 0x1a, 0x04,
+ 0xe5, 0x64, 0x86, 0x40, 0x85, 0x6a, 0xac, 0xc6, 0xfc, 0x73, 0x11},
+ 128, 1024, PSA_ERROR_INVALID_ARGUMENT
+},
+};
+
+static test_data check2[] = {
+{"Test psa_asymmetric_sign - Negative case\n", 10, PSA_KEY_TYPE_RSA_KEYPAIR,
+{0}, 610, PSA_KEY_USAGE_SIGN, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+{0x61, 0x62, 0x63}, 3, 128,
+{0x2c, 0x77, 0x44, 0x98, 0x3f, 0x02, 0x3a, 0xc7, 0xbb, 0x1c, 0x55, 0x52, 0x9d,
+ 0x83, 0xed, 0x11, 0xa7, 0x6a, 0x78, 0x98, 0xa1, 0xbb, 0x5c, 0xe1, 0x91, 0x37,
+ 0x5a, 0x4a, 0xa7, 0x49, 0x5a, 0x63, 0x3d, 0x27, 0x87, 0x9f, 0xf5, 0x8e, 0xba,
+ 0x5a, 0x57, 0x37, 0x1c, 0x34, 0xfe, 0xb1, 0x18, 0x0e, 0x8b, 0x85, 0x0d, 0x55,
+ 0x24, 0x76, 0xeb, 0xb5, 0x63, 0x4d, 0xf6, 0x20, 0x26, 0x19, 0x92, 0xf1, 0x2e,
+ 0xbe, 0xe9, 0x09, 0x70, 0x41, 0xdb, 0xbe, 0xa8, 0x5a, 0x42, 0xd4, 0x5b, 0x34,
+ 0x4b, 0xe5, 0x07, 0x3c, 0xeb, 0x77, 0x2f, 0xfc, 0x60, 0x49, 0x54, 0xb9, 0x15,
+ 0x8b, 0xa8, 0x1e, 0xc3, 0xdc, 0x4d, 0x9d, 0x65, 0xe3, 0xab, 0x7a, 0xa3, 0x18,
+ 0x16, 0x5f, 0x38, 0xc3, 0x6f, 0x84, 0x1f, 0x1c, 0x69, 0xcb, 0x1c, 0xfa, 0x49,
+ 0x4a, 0xa5, 0xcb, 0xb4, 0xd6, 0xc0, 0xef, 0xba, 0xfb, 0x04, 0x3a},
+ 128, 1024, PSA_SUCCESS
+},
+};
diff --git a/api-tests/dev_apis/crypto/test_c041/test_entry.c b/api-tests/dev_apis/crypto/test_c041/test_entry.c
new file mode 100644
index 0000000..dd70f13
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c041/test_entry.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c041.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 41)
+#define TEST_DESC "Testing crypto asymmetric APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c041_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c042/source.mk b/api-tests/dev_apis/crypto/test_c042/source.mk
new file mode 100644
index 0000000..b8a3cf8
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c042/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c042.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c042/test_c042.c b/api-tests/dev_apis/crypto/test_c042/test_c042.c
new file mode 100644
index 0000000..301ae01
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c042/test_c042.c
@@ -0,0 +1,188 @@
+
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c042.h"
+#include "test_data.h"
+
+client_test_t test_c042_crypto_list[] = {
+ NULL,
+ psa_asymmetric_verify_test,
+ psa_asymmetric_verify_negative_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+
+int32_t psa_asymmetric_verify_test(security_t caller)
+{
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
+ uint8_t *key_data;
+ psa_key_policy_t policy;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+
+ /* Set the key data based on key type */
+ if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
+ {
+ if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keypair;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keypair;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(128))
+ key_data = rsa_128_keypair;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ else
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keydata;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keydata;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(128))
+ key_data = rsa_128_keydata;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ }
+ else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
+ {
+ if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
+ key_data = ec_keypair;
+ else
+ key_data = ec_keydata;
+ }
+ else
+ key_data = check1[i].key_data;
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle,
+ &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
+ check1[i].key_type, key_data, check1[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Verify the signature a hash or short message using a public key */
+ status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_VERIFY, check1[i].key_handle,
+ check1[i].key_alg, check1[i].input, check1[i].input_length,
+ check1[i].signature, check1[i].signature_size);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_asymmetric_verify_negative_test(security_t caller)
+{
+ int num_checks = sizeof(check2)/sizeof(check2[0]);
+ int32_t i, status;
+ psa_key_policy_t policy;
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] Test psa_asymmetric_verify - Invalid key handle\n",
+ g_test_count++);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
+ check2[i].key_alg);
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_asymmetric_verify - Invalid key handle\n",
+ g_test_count++);
+ /* Verify the signature a hash or short message using a public key */
+ status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_VERIFY, check2[i].key_handle,
+ check2[i].key_alg, check2[i].input, check2[i].input_length,
+ check2[i].signature, check2[i].signature_size);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_asymmetric_verify - Zero as key handle\n",
+ g_test_count++);
+ /* Verify the signature a hash or short message using a public key */
+ status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_VERIFY, 0,
+ check2[i].key_alg, check2[i].input, check2[i].input_length,
+ check2[i].signature, check2[i].signature_size);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_asymmetric_verify - Empty key handle\n",
+ g_test_count++);
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check2[i].key_type,
+ check2[i].key_length, &check2[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle,
+ &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ /* Verify the signature a hash or short message using a public key */
+ status = val->crypto_function(VAL_CRYPTO_ASYMMTERIC_VERIFY, check2[i].key_handle,
+ check2[i].key_alg, check2[i].input, check2[i].input_length,
+ check2[i].signature, check2[i].signature_size);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_EMPTY_SLOT, TEST_CHECKPOINT_NUM(7));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
diff --git a/api-tests/dev_apis/crypto/test_c042/test_c042.h b/api-tests/dev_apis/crypto/test_c042/test_c042.h
new file mode 100644
index 0000000..b6c2f61
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c042/test_c042.h
@@ -0,0 +1,31 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C042_CLIENT_TESTS_H_
+#define _TEST_C042_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_,c042)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c042_crypto_list[];
+
+int32_t psa_asymmetric_verify_test(security_t caller);
+int32_t psa_asymmetric_verify_negative_test(security_t caller);
+#endif /* _TEST_C042_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c042/test_data.h b/api-tests/dev_apis/crypto/test_c042/test_data.h
new file mode 100644
index 0000000..2d4540a
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c042/test_data.h
@@ -0,0 +1,342 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[16];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ uint8_t input[32];
+ size_t input_length;
+ uint8_t signature[128];
+ size_t signature_size;
+ size_t expected_bit_length;
+ psa_status_t expected_status;
+} test_data;
+
+static uint8_t rsa_384_keypair[1];
+static uint8_t rsa_384_keydata[1];
+static uint8_t rsa_256_keypair[1];
+static uint8_t rsa_256_keydata[1];
+static uint8_t ec_keydata[] = {
+ 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06,
+ 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04, 0xde,
+ 0xa5, 0xe4, 0x5d, 0x0e, 0xa3, 0x7f, 0xc5, 0x66, 0x23, 0x2a, 0x50, 0x8f, 0x4a, 0xd2,
+ 0x0e, 0xa1, 0x3d, 0x47, 0xe4, 0xbf, 0x5f, 0xa4, 0xd5, 0x4a, 0x57, 0xa0, 0xba, 0x01,
+ 0x20, 0x42, 0x08, 0x70, 0x97, 0x49, 0x6e, 0xfc, 0x58, 0x3f, 0xed, 0x8b, 0x24, 0xa5,
+ 0xb9, 0xbe, 0x9a, 0x51, 0xde, 0x06, 0x3f, 0x5a, 0x00, 0xa8, 0xb6, 0x98, 0xa1, 0x6f,
+ 0xd7, 0xf2, 0x9b, 0x54, 0x85, 0xf3, 0x20};
+
+static uint8_t ec_keypair[] = {
+ 0x30, 0x78, 0x02, 0x01, 0x01, 0x04, 0x21, 0x00, 0xab, 0x45, 0x43, 0x57, 0x12, 0x64,
+ 0x9c, 0xb3, 0x0b, 0xbd, 0xda, 0xc4, 0x91, 0x97, 0xee, 0xbf, 0x27, 0x40, 0xff, 0xc7,
+ 0xf8, 0x74, 0xd9, 0x24, 0x4c, 0x34, 0x60, 0xf5, 0x4f, 0x32, 0x2d, 0x3a, 0xa0, 0x0a,
+ 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0xa1, 0x44, 0x03, 0x42,
+ 0x00, 0x04, 0xde, 0xa5, 0xe4, 0x5d, 0x0e, 0xa3, 0x7f, 0xc5, 0x66, 0x23, 0x2a, 0x50,
+ 0x8f, 0x4a, 0xd2, 0x0e, 0xa1, 0x3d, 0x47, 0xe4, 0xbf, 0x5f, 0xa4, 0xd5, 0x4a, 0x57,
+ 0xa0, 0xba, 0x01, 0x20, 0x42, 0x08, 0x70, 0x97, 0x49, 0x6e, 0xfc, 0x58, 0x3f, 0xed,
+ 0x8b, 0x24, 0xa5, 0xb9, 0xbe, 0x9a, 0x51, 0xde, 0x06, 0x3f, 0x5a, 0x00, 0xa8, 0xb6,
+ 0x98, 0xa1, 0x6f, 0xd7, 0xf2, 0x9b, 0x54, 0x85, 0xf3, 0x20};
+
+static uint8_t rsa_128_keydata[] = {
+ 0x30, 0x81, 0x9f, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
+ 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x81, 0x8d, 0x00, 0x30, 0x81, 0x89, 0x02,
+ 0x81, 0x81, 0x00, 0xaf, 0x05, 0x7d, 0x39, 0x6e, 0xe8, 0x4f, 0xb7, 0x5f, 0xdb,
+ 0xb5, 0xc2, 0xb1, 0x3c, 0x7f, 0xe5, 0xa6, 0x54, 0xaa, 0x8a, 0xa2, 0x47, 0x0b,
+ 0x54, 0x1e, 0xe1, 0xfe, 0xb0, 0xb1, 0x2d, 0x25, 0xc7, 0x97, 0x11, 0x53, 0x12,
+ 0x49, 0xe1, 0x12, 0x96, 0x28, 0x04, 0x2d, 0xbb, 0xb6, 0xc1, 0x20, 0xd1, 0x44,
+ 0x35, 0x24, 0xef, 0x4c, 0x0e, 0x6e, 0x1d, 0x89, 0x56, 0xee, 0xb2, 0x07, 0x7a,
+ 0xf1, 0x23, 0x49, 0xdd, 0xee, 0xe5, 0x44, 0x83, 0xbc, 0x06, 0xc2, 0xc6, 0x19,
+ 0x48, 0xcd, 0x02, 0xb2, 0x02, 0xe7, 0x96, 0xae, 0xbd, 0x94, 0xd3, 0xa7, 0xcb,
+ 0xf8, 0x59, 0xc2, 0xc1, 0x81, 0x9c, 0x32, 0x4c, 0xb8, 0x2b, 0x9c, 0xd3, 0x4e,
+ 0xde, 0x26, 0x3a, 0x2a, 0xbf, 0xfe, 0x47, 0x33, 0xf0, 0x77, 0x86, 0x9e, 0x86,
+ 0x60, 0xf7, 0xd6, 0x83, 0x4d, 0xa5, 0x3d, 0x69, 0x0e, 0xf7, 0x98, 0x5f, 0x6b,
+ 0xc3, 0x02, 0x03, 0x01, 0x00, 0x01};
+
+static uint8_t rsa_128_keypair[] = {
+0x30, 0x82, 0x02, 0x5e, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xaf, 0x05,
+0x7d, 0x39, 0x6e, 0xe8, 0x4f, 0xb7, 0x5f, 0xdb, 0xb5, 0xc2, 0xb1, 0x3c, 0x7f,
+0xe5, 0xa6, 0x54, 0xaa, 0x8a, 0xa2, 0x47, 0x0b, 0x54, 0x1e, 0xe1, 0xfe, 0xb0,
+0xb1, 0x2d, 0x25, 0xc7, 0x97, 0x11, 0x53, 0x12, 0x49, 0xe1, 0x12, 0x96, 0x28,
+0x04, 0x2d, 0xbb, 0xb6, 0xc1, 0x20, 0xd1, 0x44, 0x35, 0x24, 0xef, 0x4c, 0x0e,
+0x6e, 0x1d, 0x89, 0x56, 0xee, 0xb2, 0x07, 0x7a, 0xf1, 0x23, 0x49, 0xdd, 0xee,
+0xe5, 0x44, 0x83, 0xbc, 0x06, 0xc2, 0xc6, 0x19, 0x48, 0xcd, 0x02, 0xb2, 0x02,
+0xe7, 0x96, 0xae, 0xbd, 0x94, 0xd3, 0xa7, 0xcb, 0xf8, 0x59, 0xc2, 0xc1, 0x81,
+0x9c, 0x32, 0x4c, 0xb8, 0x2b, 0x9c, 0xd3, 0x4e, 0xde, 0x26, 0x3a, 0x2a, 0xbf,
+0xfe, 0x47, 0x33, 0xf0, 0x77, 0x86, 0x9e, 0x86, 0x60, 0xf7, 0xd6, 0x83, 0x4d,
+0xa5, 0x3d, 0x69, 0x0e, 0xf7, 0x98, 0x5f, 0x6b, 0xc3, 0x02, 0x03, 0x01, 0x00,
+0x01, 0x02, 0x81, 0x81, 0x00, 0x87, 0x4b, 0xf0, 0xff, 0xc2, 0xf2, 0xa7, 0x1d,
+0x14, 0x67, 0x1d, 0xdd, 0x01, 0x71, 0xc9, 0x54, 0xd7, 0xfd, 0xbf, 0x50, 0x28,
+0x1e, 0x4f, 0x6d, 0x99, 0xea, 0x0e, 0x1e, 0xbc, 0xf8, 0x2f, 0xaa, 0x58, 0xe7,
+0xb5, 0x95, 0xff, 0xb2, 0x93, 0xd1, 0xab, 0xe1, 0x7f, 0x11, 0x0b, 0x37, 0xc4,
+0x8c, 0xc0, 0xf3, 0x6c, 0x37, 0xe8, 0x4d, 0x87, 0x66, 0x21, 0xd3, 0x27, 0xf6,
+0x4b, 0xbe, 0x08, 0x45, 0x7d, 0x3e, 0xc4, 0x09, 0x8b, 0xa2, 0xfa, 0x0a, 0x31,
+0x9f, 0xba, 0x41, 0x1c, 0x28, 0x41, 0xed, 0x7b, 0xe8, 0x31, 0x96, 0xa8, 0xcd,
+0xf9, 0xda, 0xa5, 0xd0, 0x06, 0x94, 0xbc, 0x33, 0x5f, 0xc4, 0xc3, 0x22, 0x17,
+0xfe, 0x04, 0x88, 0xbc, 0xe9, 0xcb, 0x72, 0x02, 0xe5, 0x94, 0x68, 0xb1, 0xea,
+0xd1, 0x19, 0x00, 0x04, 0x77, 0xdb, 0x2c, 0xa7, 0x97, 0xfa, 0xc1, 0x9e, 0xda,
+0x3f, 0x58, 0xc1, 0x02, 0x41, 0x00, 0xe2, 0xab, 0x76, 0x08, 0x41, 0xbb, 0x9d,
+0x30, 0xa8, 0x1d, 0x22, 0x2d, 0xe1, 0xeb, 0x73, 0x81, 0xd8, 0x22, 0x14, 0x40,
+0x7f, 0x1b, 0x97, 0x5c, 0xbb, 0xfe, 0x4e, 0x1a, 0x94, 0x67, 0xfd, 0x98, 0xad,
+0xbd, 0x78, 0xf6, 0x07, 0x83, 0x6c, 0xa5, 0xbe, 0x19, 0x28, 0xb9, 0xd1, 0x60,
+0xd9, 0x7f, 0xd4, 0x5c, 0x12, 0xd6, 0xb5, 0x2e, 0x2c, 0x98, 0x71, 0xa1, 0x74,
+0xc6, 0x6b, 0x48, 0x81, 0x13, 0x02, 0x41, 0x00, 0xc5, 0xab, 0x27, 0x60, 0x21,
+0x59, 0xae, 0x7d, 0x6f, 0x20, 0xc3, 0xc2, 0xee, 0x85, 0x1e, 0x46, 0xdc, 0x11,
+0x2e, 0x68, 0x9e, 0x28, 0xd5, 0xfc, 0xbb, 0xf9, 0x90, 0xa9, 0x9e, 0xf8, 0xa9,
+0x0b, 0x8b, 0xb4, 0x4f, 0xd3, 0x64, 0x67, 0xe7, 0xfc, 0x17, 0x89, 0xce, 0xb6,
+0x63, 0xab, 0xda, 0x33, 0x86, 0x52, 0xc3, 0xc7, 0x3f, 0x11, 0x17, 0x74, 0x90,
+0x2e, 0x84, 0x05, 0x65, 0x92, 0x70, 0x91, 0x02, 0x41, 0x00, 0xb6, 0xcd, 0xbd,
+0x35, 0x4f, 0x7d, 0xf5, 0x79, 0xa6, 0x3b, 0x48, 0xb3, 0x64, 0x3e, 0x35, 0x3b,
+0x84, 0x89, 0x87, 0x77, 0xb4, 0x8b, 0x15, 0xf9, 0x4e, 0x0b, 0xfc, 0x05, 0x67,
+0xa6, 0xae, 0x59, 0x11, 0xd5, 0x7a, 0xd6, 0x40, 0x9c, 0xf7, 0x64, 0x7b, 0xf9,
+0x62, 0x64, 0xe9, 0xbd, 0x87, 0xeb, 0x95, 0xe2, 0x63, 0xb7, 0x11, 0x0b, 0x9a,
+0x1f, 0x9f, 0x94, 0xac, 0xce, 0xd0, 0xfa, 0xfa, 0x4d, 0x02, 0x40, 0x71, 0x19,
+0x5e, 0xec, 0x37, 0xe8, 0xd2, 0x57, 0xde, 0xcf, 0xc6, 0x72, 0xb0, 0x7a, 0xe6,
+0x39, 0xf1, 0x0c, 0xbb, 0x9b, 0x0c, 0x73, 0x9d, 0x0c, 0x80, 0x99, 0x68, 0xd6,
+0x44, 0xa9, 0x4e, 0x3f, 0xd6, 0xed, 0x92, 0x87, 0x07, 0x7a, 0x14, 0x58, 0x3f,
+0x37, 0x90, 0x58, 0xf7, 0x6a, 0x8a, 0xec, 0xd4, 0x3c, 0x62, 0xdc, 0x8c, 0x0f,
+0x41, 0x76, 0x66, 0x50, 0xd7, 0x25, 0x27, 0x5a, 0xc4, 0xa1, 0x02, 0x41, 0x00,
+0xbb, 0x32, 0xd1, 0x33, 0xed, 0xc2, 0xe0, 0x48, 0xd4, 0x63, 0x38, 0x8b, 0x7b,
+0xe9, 0xcb, 0x4b, 0xe2, 0x9f, 0x4b, 0x62, 0x50, 0xbe, 0x60, 0x3e, 0x70, 0xe3,
+0x64, 0x75, 0x01, 0xc9, 0x7d, 0xdd, 0xe2, 0x0a, 0x4e, 0x71, 0xbe, 0x95, 0xfd,
+0x5e, 0x71, 0x78, 0x4e, 0x25, 0xac, 0xa4, 0xba, 0xf2, 0x5b, 0xe5, 0x73, 0x8a,
+0xae, 0x59, 0xbb, 0xfe, 0x1c, 0x99, 0x77, 0x81, 0x44, 0x7a, 0x2b, 0x24};
+
+static test_data check1[] = {
+{"Test psa_asymmetric_verify - RSA KEYPAIR PKCS1V15 RAW\n", 1, PSA_KEY_TYPE_RSA_KEYPAIR,
+{0}, 610, PSA_KEY_USAGE_VERIFY, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+{0x61, 0x62, 0x63}, 3,
+{0x2c, 0x77, 0x44, 0x98, 0x3f, 0x02, 0x3a, 0xc7, 0xbb, 0x1c, 0x55, 0x52, 0x9d,
+ 0x83, 0xed, 0x11, 0xa7, 0x6a, 0x78, 0x98, 0xa1, 0xbb, 0x5c, 0xe1, 0x91, 0x37,
+ 0x5a, 0x4a, 0xa7, 0x49, 0x5a, 0x63, 0x3d, 0x27, 0x87, 0x9f, 0xf5, 0x8e, 0xba,
+ 0x5a, 0x57, 0x37, 0x1c, 0x34, 0xfe, 0xb1, 0x18, 0x0e, 0x8b, 0x85, 0x0d, 0x55,
+ 0x24, 0x76, 0xeb, 0xb5, 0x63, 0x4d, 0xf6, 0x20, 0x26, 0x19, 0x92, 0xf1, 0x2e,
+ 0xbe, 0xe9, 0x09, 0x70, 0x41, 0xdb, 0xbe, 0xa8, 0x5a, 0x42, 0xd4, 0x5b, 0x34,
+ 0x4b, 0xe5, 0x07, 0x3c, 0xeb, 0x77, 0x2f, 0xfc, 0x60, 0x49, 0x54, 0xb9, 0x15,
+ 0x8b, 0xa8, 0x1e, 0xc3, 0xdc, 0x4d, 0x9d, 0x65, 0xe3, 0xab, 0x7a, 0xa3, 0x18,
+ 0x16, 0x5f, 0x38, 0xc3, 0x6f, 0x84, 0x1f, 0x1c, 0x69, 0xcb, 0x1c, 0xfa, 0x49,
+ 0x4a, 0xa5, 0xcb, 0xb4, 0xd6, 0xc0, 0xef, 0xba, 0xfb, 0x04, 0x3a},
+ 128, 1024, PSA_SUCCESS
+},
+
+{"Test psa_asymmetric_verify - RSA KEYPAIR PKCS1V15 SHA-256\n", 2, PSA_KEY_TYPE_RSA_KEYPAIR,
+{0}, 610, PSA_KEY_USAGE_VERIFY, PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256),
+{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
+ 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10,
+ 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad}, 32,
+{0xa7, 0x36, 0x64, 0xd5, 0x5b, 0x39, 0xc7, 0xea, 0x6c, 0x1e, 0x5b, 0x50, 0x11,
+ 0x72, 0x4a, 0x11, 0xe1, 0xd7, 0x07, 0x3d, 0x3a, 0x68, 0xf4, 0x8c, 0x83, 0x6f,
+ 0xad, 0x15, 0x3a, 0x1d, 0x91, 0xb6, 0xab, 0xdb, 0xc8, 0xf6, 0x9d, 0xa1, 0x3b,
+ 0x20, 0x6c, 0xc9, 0x6a, 0xf6, 0x36, 0x3b, 0x11, 0x44, 0x58, 0xb0, 0x26, 0xaf,
+ 0x14, 0xb2, 0x4f, 0xab, 0x89, 0x29, 0xed, 0x63, 0x4c, 0x6a, 0x2a, 0xca, 0xce,
+ 0x0b, 0xcc, 0x62, 0xd9, 0xbb, 0x6a, 0x98, 0x4a, 0xfb, 0xcb, 0xfc, 0xd3, 0xa0,
+ 0x60, 0x8d, 0x32, 0xa2, 0xba, 0xe5, 0x35, 0xb9, 0xcd, 0x1e, 0xcd, 0xf9, 0xdd,
+ 0x28, 0x1d, 0xb1, 0xe0, 0x02, 0x5c, 0x3b, 0xfb, 0x55, 0x12, 0x96, 0x3e, 0xc3,
+ 0xb9, 0x8d, 0xda, 0xa6, 0x9e, 0x38, 0xbc, 0x3c, 0x84, 0xb1, 0xb6, 0x1a, 0x04,
+ 0xe5, 0x64, 0x86, 0x40, 0x85, 0x6a, 0xac, 0xc6, 0xfc, 0x73, 0x11},
+ 128, 1024, PSA_SUCCESS
+},
+
+{"Test psa_asymmetric_verify - ECDSA KEYPAIR SECP256R1 SHA-256\n", 3,
+ PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1), {0}, 122,
+ PSA_KEY_USAGE_VERIFY, PSA_ALG_DETERMINISTIC_ECDSA(PSA_ALG_SHA_256),
+{0x9a, 0xc4, 0x33, 0x5b, 0x46, 0x9b, 0xbd, 0x79, 0x14, 0x39, 0x24, 0x85, 0x04,
+ 0xdd, 0x0d, 0x49, 0xc7, 0x13, 0x49, 0xa2, 0x95, 0xfe, 0xe5, 0xa1, 0xc6, 0x85,
+ 0x07, 0xf4, 0x5a, 0x9e, 0x1c, 0x7b}, 32,
+{0x6a, 0x33, 0x99, 0xf6, 0x94, 0x21, 0xff, 0xe1, 0x49, 0x03, 0x77, 0xad, 0xf2,
+ 0xea, 0x1f, 0x11, 0x7d, 0x81, 0xa6, 0x3c, 0xf5, 0xbf, 0x22, 0xe9, 0x18, 0xd5,
+ 0x11, 0x75, 0xeb, 0x25, 0x91, 0x51, 0xce, 0x95, 0xd7, 0xc2, 0x6c, 0xc0, 0x4e,
+ 0x25, 0x50, 0x3e, 0x2f, 0x7a, 0x1e, 0xc3, 0x57, 0x3e, 0x3c, 0x24, 0x12, 0x53,
+ 0x4b, 0xb4, 0xa1, 0x9b, 0x3a, 0x78, 0x11, 0x74, 0x2f, 0x49, 0xf5, 0x0f},
+ 64, 512, PSA_SUCCESS
+},
+
+{"Test psa_asymmetric_verify - RSA public key\n", 4,
+PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+{0}, 162, PSA_KEY_USAGE_VERIFY, PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256),
+{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
+ 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10,
+ 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad}, 32,
+{0xa7, 0x36, 0x64, 0xd5, 0x5b, 0x39, 0xc7, 0xea, 0x6c, 0x1e, 0x5b, 0x50, 0x11,
+ 0x72, 0x4a, 0x11, 0xe1, 0xd7, 0x07, 0x3d, 0x3a, 0x68, 0xf4, 0x8c, 0x83, 0x6f,
+ 0xad, 0x15, 0x3a, 0x1d, 0x91, 0xb6, 0xab, 0xdb, 0xc8, 0xf6, 0x9d, 0xa1, 0x3b,
+ 0x20, 0x6c, 0xc9, 0x6a, 0xf6, 0x36, 0x3b, 0x11, 0x44, 0x58, 0xb0, 0x26, 0xaf,
+ 0x14, 0xb2, 0x4f, 0xab, 0x89, 0x29, 0xed, 0x63, 0x4c, 0x6a, 0x2a, 0xca, 0xce,
+ 0x0b, 0xcc, 0x62, 0xd9, 0xbb, 0x6a, 0x98, 0x4a, 0xfb, 0xcb, 0xfc, 0xd3, 0xa0,
+ 0x60, 0x8d, 0x32, 0xa2, 0xba, 0xe5, 0x35, 0xb9, 0xcd, 0x1e, 0xcd, 0xf9, 0xdd,
+ 0x28, 0x1d, 0xb1, 0xe0, 0x02, 0x5c, 0x3b, 0xfb, 0x55, 0x12, 0x96, 0x3e, 0xc3,
+ 0xb9, 0x8d, 0xda, 0xa6, 0x9e, 0x38, 0xbc, 0x3c, 0x84, 0xb1, 0xb6, 0x1a, 0x04,
+ 0xe5, 0x64, 0x86, 0x40, 0x85, 0x6a, 0xac, 0xc6, 0xfc, 0x73, 0x11},
+ 128, 1024, PSA_SUCCESS
+},
+
+{"Test psa_asymmetric_verify - Small output buffer\n", 5, PSA_KEY_TYPE_RSA_KEYPAIR,
+{0}, 610, PSA_KEY_USAGE_VERIFY, PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256),
+{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
+ 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10,
+ 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad}, 32,
+{0xa7, 0x36, 0x64, 0xd5, 0x5b, 0x39, 0xc7, 0xea, 0x6c, 0x1e, 0x5b, 0x50, 0x11,
+ 0x72, 0x4a, 0x11, 0xe1, 0xd7, 0x07, 0x3d, 0x3a, 0x68, 0xf4, 0x8c, 0x83, 0x6f,
+ 0xad, 0x15, 0x3a, 0x1d, 0x91, 0xb6, 0xab, 0xdb, 0xc8, 0xf6, 0x9d, 0xa1, 0x3b,
+ 0x20, 0x6c, 0xc9, 0x6a, 0xf6, 0x36, 0x3b, 0x11, 0x44, 0x58, 0xb0, 0x26, 0xaf,
+ 0x14, 0xb2, 0x4f, 0xab, 0x89, 0x29, 0xed, 0x63, 0x4c, 0x6a, 0x2a, 0xca, 0xce,
+ 0x0b, 0xcc, 0x62, 0xd9, 0xbb, 0x6a, 0x98, 0x4a, 0xfb, 0xcb, 0xfc, 0xd3, 0xa0,
+ 0x60, 0x8d, 0x32, 0xa2, 0xba, 0xe5, 0x35, 0xb9, 0xcd, 0x1e, 0xcd, 0xf9, 0xdd,
+ 0x28, 0x1d, 0xb1, 0xe0, 0x02, 0x5c, 0x3b, 0xfb, 0x55, 0x12, 0x96, 0x3e, 0xc3,
+ 0xb9, 0x8d, 0xda, 0xa6, 0x9e, 0x38, 0xbc, 0x3c, 0x84, 0xb1, 0xb6, 0x1a, 0x04,
+ 0xe5, 0x64, 0x86, 0x40, 0x85, 0x6a, 0xac, 0xc6, 0xfc, 0x73, 0x11},
+ 120, 1024, PSA_ERROR_BUFFER_TOO_SMALL
+},
+
+{"Test psa_asymmetric_verify - Invalid algorithm\n", 6, PSA_KEY_TYPE_RSA_KEYPAIR,
+{0}, 610, PSA_KEY_USAGE_VERIFY, PSA_ALG_SHA_256,
+{0x61, 0x62, 0x63}, 3,
+{0x2c, 0x77, 0x44, 0x98, 0x3f, 0x02, 0x3a, 0xc7, 0xbb, 0x1c, 0x55, 0x52, 0x9d,
+ 0x83, 0xed, 0x11, 0xa7, 0x6a, 0x78, 0x98, 0xa1, 0xbb, 0x5c, 0xe1, 0x91, 0x37,
+ 0x5a, 0x4a, 0xa7, 0x49, 0x5a, 0x63, 0x3d, 0x27, 0x87, 0x9f, 0xf5, 0x8e, 0xba,
+ 0x5a, 0x57, 0x37, 0x1c, 0x34, 0xfe, 0xb1, 0x18, 0x0e, 0x8b, 0x85, 0x0d, 0x55,
+ 0x24, 0x76, 0xeb, 0xb5, 0x63, 0x4d, 0xf6, 0x20, 0x26, 0x19, 0x92, 0xf1, 0x2e,
+ 0xbe, 0xe9, 0x09, 0x70, 0x41, 0xdb, 0xbe, 0xa8, 0x5a, 0x42, 0xd4, 0x5b, 0x34,
+ 0x4b, 0xe5, 0x07, 0x3c, 0xeb, 0x77, 0x2f, 0xfc, 0x60, 0x49, 0x54, 0xb9, 0x15,
+ 0x8b, 0xa8, 0x1e, 0xc3, 0xdc, 0x4d, 0x9d, 0x65, 0xe3, 0xab, 0x7a, 0xa3, 0x18,
+ 0x16, 0x5f, 0x38, 0xc3, 0x6f, 0x84, 0x1f, 0x1c, 0x69, 0xcb, 0x1c, 0xfa, 0x49,
+ 0x4a, 0xa5, 0xcb, 0xb4, 0xd6, 0xc0, 0xef, 0xba, 0xfb, 0x04, 0x3a},
+ 128, 1024, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_asymmetric_verify - Invalid key type (AES Key)\n", 7, PSA_KEY_TYPE_AES,
+{0x30, 0x82, 0x02, 0x5e, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, 0x00, 0xaf, 0x05,
+ 0x7d, 0x39, 0x6e}, AES_16B_KEY_SIZE, PSA_KEY_USAGE_VERIFY,
+ PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256),
+{0x61, 0x62, 0x63}, 3,
+{0x2c, 0x77, 0x44, 0x98, 0x3f, 0x02, 0x3a, 0xc7, 0xbb, 0x1c, 0x55, 0x52, 0x9d,
+ 0x83, 0xed, 0x11, 0xa7, 0x6a, 0x78, 0x98, 0xa1, 0xbb, 0x5c, 0xe1, 0x91, 0x37,
+ 0x5a, 0x4a, 0xa7, 0x49, 0x5a, 0x63, 0x3d, 0x27, 0x87, 0x9f, 0xf5, 0x8e, 0xba,
+ 0x5a, 0x57, 0x37, 0x1c, 0x34, 0xfe, 0xb1, 0x18, 0x0e, 0x8b, 0x85, 0x0d, 0x55,
+ 0x24, 0x76, 0xeb, 0xb5, 0x63, 0x4d, 0xf6, 0x20, 0x26, 0x19, 0x92, 0xf1, 0x2e,
+ 0xbe, 0xe9, 0x09, 0x70, 0x41, 0xdb, 0xbe, 0xa8, 0x5a, 0x42, 0xd4, 0x5b, 0x34,
+ 0x4b, 0xe5, 0x07, 0x3c, 0xeb, 0x77, 0x2f, 0xfc, 0x60, 0x49, 0x54, 0xb9, 0x15,
+ 0x8b, 0xa8, 0x1e, 0xc3, 0xdc, 0x4d, 0x9d, 0x65, 0xe3, 0xab, 0x7a, 0xa3, 0x18,
+ 0x16, 0x5f, 0x38, 0xc3, 0x6f, 0x84, 0x1f, 0x1c, 0x69, 0xcb, 0x1c, 0xfa, 0x49,
+ 0x4a, 0xa5, 0xcb, 0xb4, 0xd6, 0xc0, 0xef, 0xba, 0xfb, 0x04, 0x3a},
+ 128, BYTES_TO_BITS(AES_16B_KEY_SIZE), PSA_ERROR_NOT_SUPPORTED
+},
+
+{"Test psa_asymmetric_verify - Invalid usage\n", 8, PSA_KEY_TYPE_RSA_KEYPAIR,
+{0}, 610, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+{0x61, 0x62, 0x63}, 3,
+{0x2c, 0x77, 0x44, 0x98, 0x3f, 0x02, 0x3a, 0xc7, 0xbb, 0x1c, 0x55, 0x52, 0x9d,
+ 0x83, 0xed, 0x11, 0xa7, 0x6a, 0x78, 0x98, 0xa1, 0xbb, 0x5c, 0xe1, 0x91, 0x37,
+ 0x5a, 0x4a, 0xa7, 0x49, 0x5a, 0x63, 0x3d, 0x27, 0x87, 0x9f, 0xf5, 0x8e, 0xba,
+ 0x5a, 0x57, 0x37, 0x1c, 0x34, 0xfe, 0xb1, 0x18, 0x0e, 0x8b, 0x85, 0x0d, 0x55,
+ 0x24, 0x76, 0xeb, 0xb5, 0x63, 0x4d, 0xf6, 0x20, 0x26, 0x19, 0x92, 0xf1, 0x2e,
+ 0xbe, 0xe9, 0x09, 0x70, 0x41, 0xdb, 0xbe, 0xa8, 0x5a, 0x42, 0xd4, 0x5b, 0x34,
+ 0x4b, 0xe5, 0x07, 0x3c, 0xeb, 0x77, 0x2f, 0xfc, 0x60, 0x49, 0x54, 0xb9, 0x15,
+ 0x8b, 0xa8, 0x1e, 0xc3, 0xdc, 0x4d, 0x9d, 0x65, 0xe3, 0xab, 0x7a, 0xa3, 0x18,
+ 0x16, 0x5f, 0x38, 0xc3, 0x6f, 0x84, 0x1f, 0x1c, 0x69, 0xcb, 0x1c, 0xfa, 0x49,
+ 0x4a, 0xa5, 0xcb, 0xb4, 0xd6, 0xc0, 0xef, 0xba, 0xfb, 0x04, 0x3a},
+ 128, 1024, PSA_ERROR_NOT_PERMITTED
+},
+
+{"Test psa_asymmetric_verify - Wrong hash size\n", 9, PSA_KEY_TYPE_RSA_KEYPAIR,
+{0}, 610, PSA_KEY_USAGE_VERIFY, PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256),
+{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
+ 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10,
+ 0xff, 0x61, 0xf2, 0x00}, 30,
+{0xa7, 0x36, 0x64, 0xd5, 0x5b, 0x39, 0xc7, 0xea, 0x6c, 0x1e, 0x5b, 0x50, 0x11,
+ 0x72, 0x4a, 0x11, 0xe1, 0xd7, 0x07, 0x3d, 0x3a, 0x68, 0xf4, 0x8c, 0x83, 0x6f,
+ 0xad, 0x15, 0x3a, 0x1d, 0x91, 0xb6, 0xab, 0xdb, 0xc8, 0xf6, 0x9d, 0xa1, 0x3b,
+ 0x20, 0x6c, 0xc9, 0x6a, 0xf6, 0x36, 0x3b, 0x11, 0x44, 0x58, 0xb0, 0x26, 0xaf,
+ 0x14, 0xb2, 0x4f, 0xab, 0x89, 0x29, 0xed, 0x63, 0x4c, 0x6a, 0x2a, 0xca, 0xce,
+ 0x0b, 0xcc, 0x62, 0xd9, 0xbb, 0x6a, 0x98, 0x4a, 0xfb, 0xcb, 0xfc, 0xd3, 0xa0,
+ 0x60, 0x8d, 0x32, 0xa2, 0xba, 0xe5, 0x35, 0xb9, 0xcd, 0x1e, 0xcd, 0xf9, 0xdd,
+ 0x28, 0x1d, 0xb1, 0xe0, 0x02, 0x5c, 0x3b, 0xfb, 0x55, 0x12, 0x96, 0x3e, 0xc3,
+ 0xb9, 0x8d, 0xda, 0xa6, 0x9e, 0x38, 0xbc, 0x3c, 0x84, 0xb1, 0xb6, 0x1a, 0x04,
+ 0xe5, 0x64, 0x86, 0x40, 0x85, 0x6a, 0xac, 0xc6, 0xfc, 0x73, 0x11},
+ 128, 1024, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_asymmetric_verify - Wrong signature\n", 10,
+PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+{0}, 162, PSA_KEY_USAGE_VERIFY, PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256),
+{0xba, 0x78, 0x16, 0xbf, 0x8f, 0x01, 0xcf, 0xea, 0x41, 0x41, 0x40, 0xde, 0x5d,
+ 0xae, 0x22, 0x23, 0xb0, 0x03, 0x61, 0xa3, 0x96, 0x17, 0x7a, 0x9c, 0xb4, 0x10,
+ 0xff, 0x61, 0xf2, 0x00, 0x15, 0xad}, 32,
+{0xa8, 0x36, 0x64, 0xd5, 0x5b, 0x39, 0xc7, 0xea, 0x6c, 0x1e, 0x5b, 0x50, 0x11,
+ 0x72, 0x4a, 0x11, 0xe1, 0xd7, 0x07, 0x3d, 0x3a, 0x68, 0xf4, 0x8c, 0x83, 0x6f,
+ 0xad, 0x15, 0x3a, 0x1d, 0x91, 0xb6, 0xab, 0xdb, 0xc8, 0xf6, 0x9d, 0xa1, 0x3b,
+ 0x20, 0x6c, 0xc9, 0x6a, 0xf6, 0x36, 0x3b, 0x11, 0x44, 0x58, 0xb0, 0x26, 0xaf,
+ 0x14, 0xb2, 0x4f, 0xab, 0x89, 0x29, 0xed, 0x63, 0x4c, 0x6a, 0x2a, 0xca, 0xce,
+ 0x0b, 0xcc, 0x62, 0xd9, 0xbb, 0x6a, 0x98, 0x4a, 0xfb, 0xcb, 0xfc, 0xd3, 0xa0,
+ 0x60, 0x8d, 0x32, 0xa2, 0xba, 0xe5, 0x35, 0xb9, 0xcd, 0x1e, 0xcd, 0xf9, 0xdd,
+ 0x28, 0x1d, 0xb1, 0xe0, 0x02, 0x5c, 0x3b, 0xfb, 0x55, 0x12, 0x96, 0x3e, 0xc3,
+ 0xb9, 0x8d, 0xda, 0xa6, 0x9e, 0x38, 0xbc, 0x3c, 0x84, 0xb1, 0xb6, 0x1a, 0x04,
+ 0xe5, 0x64, 0x86, 0x40, 0x85, 0x6a, 0xac, 0xc6, 0xfc, 0x73, 0x11},
+ 128, 1024, PSA_ERROR_INVALID_SIGNATURE
+},
+
+{"Test psa_asymmetric_verify - EC public key\n", 11,
+ PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1),
+{0}, 91, PSA_KEY_USAGE_VERIFY, PSA_ALG_ECDSA_ANY,
+{0x9a, 0xc4, 0x33, 0x5b, 0x46, 0x9b, 0xbd, 0x79, 0x14, 0x39, 0x24, 0x85, 0x04,
+ 0xdd, 0x0d, 0x49, 0xc7, 0x13, 0x49, 0xa2, 0x95, 0xfe, 0xe5, 0xa1, 0xc6, 0x85,
+ 0x07, 0xf4, 0x5a, 0x9e, 0x1c, 0x7b}, 32,
+{0x6a, 0x33, 0x99, 0xf6, 0x94, 0x21, 0xff, 0xe1, 0x49, 0x03, 0x77, 0xad, 0xf2,
+ 0xea, 0x1f, 0x11, 0x7d, 0x81, 0xa6, 0x3c, 0xf5, 0xbf, 0x22, 0xe9, 0x18, 0xd5,
+ 0x11, 0x75, 0xeb, 0x25, 0x91, 0x51, 0xce, 0x95, 0xd7, 0xc2, 0x6c, 0xc0, 0x4e,
+ 0x25, 0x50, 0x3e, 0x2f, 0x7a, 0x1e, 0xc3, 0x57, 0x3e, 0x3c, 0x24, 0x12, 0x53,
+ 0x4b, 0xb4, 0xa1, 0x9b, 0x3a, 0x78, 0x11, 0x74, 0x2f, 0x49, 0xf5, 0x0f},
+ 64, 512, PSA_SUCCESS
+},
+
+{"Test psa_asymmetric_verify - Wrong signature size\n", 12,
+ PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1),
+{0}, 91, PSA_KEY_USAGE_VERIFY, PSA_ALG_ECDSA_ANY,
+{0x9a, 0xc4, 0x33, 0x5b, 0x46, 0x9b, 0xbd, 0x79, 0x14, 0x39, 0x24, 0x85, 0x04,
+ 0xdd, 0x0d, 0x49, 0xc7, 0x13, 0x49, 0xa2, 0x95, 0xfe, 0xe5, 0xa1, 0xc6, 0x85,
+ 0x07, 0xf4, 0x5a, 0x9e, 0x1c, 0x7b}, 32,
+{0x6a, 0x33, 0x99, 0xf6, 0x94, 0x21, 0xff, 0xe1, 0x49, 0x03, 0x77, 0xad, 0xf2,
+ 0xea, 0x1f, 0x11, 0x7d, 0x81, 0xa6, 0x3c, 0xf5, 0xbf, 0x22, 0xe9, 0x18, 0xd5,
+ 0x11, 0x75, 0xeb, 0x25, 0x91, 0x51, 0xce, 0x95, 0xd7, 0xc2, 0x6c, 0xc0, 0x4e,
+ 0x25, 0x50, 0x3e, 0x2f, 0x7a, 0x1e, 0xc3, 0x57, 0x3e, 0x3c, 0x24, 0x12, 0x53,
+ 0x4b, 0xb4, 0xa1, 0x9b, 0x3a, 0x78, 0x11, 0x74, 0x2f, 0x49, 0xf5, 0x0f, 0x00},
+ 65, 512, PSA_ERROR_INVALID_SIGNATURE
+},
+};
+
+static test_data check2[] = {
+{"Test psa_asymmetric_verify - Negative case\n", 13, PSA_KEY_TYPE_RSA_KEYPAIR,
+{0}, 610, PSA_KEY_USAGE_VERIFY, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+{0x61, 0x62, 0x63}, 3,
+{0x2c, 0x77, 0x44, 0x98, 0x3f, 0x02, 0x3a, 0xc7, 0xbb, 0x1c, 0x55, 0x52, 0x9d,
+ 0x83, 0xed, 0x11, 0xa7, 0x6a, 0x78, 0x98, 0xa1, 0xbb, 0x5c, 0xe1, 0x91, 0x37,
+ 0x5a, 0x4a, 0xa7, 0x49, 0x5a, 0x63, 0x3d, 0x27, 0x87, 0x9f, 0xf5, 0x8e, 0xba,
+ 0x5a, 0x57, 0x37, 0x1c, 0x34, 0xfe, 0xb1, 0x18, 0x0e, 0x8b, 0x85, 0x0d, 0x55,
+ 0x24, 0x76, 0xeb, 0xb5, 0x63, 0x4d, 0xf6, 0x20, 0x26, 0x19, 0x92, 0xf1, 0x2e,
+ 0xbe, 0xe9, 0x09, 0x70, 0x41, 0xdb, 0xbe, 0xa8, 0x5a, 0x42, 0xd4, 0x5b, 0x34,
+ 0x4b, 0xe5, 0x07, 0x3c, 0xeb, 0x77, 0x2f, 0xfc, 0x60, 0x49, 0x54, 0xb9, 0x15,
+ 0x8b, 0xa8, 0x1e, 0xc3, 0xdc, 0x4d, 0x9d, 0x65, 0xe3, 0xab, 0x7a, 0xa3, 0x18,
+ 0x16, 0x5f, 0x38, 0xc3, 0x6f, 0x84, 0x1f, 0x1c, 0x69, 0xcb, 0x1c, 0xfa, 0x49,
+ 0x4a, 0xa5, 0xcb, 0xb4, 0xd6, 0xc0, 0xef, 0xba, 0xfb, 0x04, 0x3a},
+ 128, 1024, PSA_SUCCESS
+},
+};
diff --git a/api-tests/dev_apis/crypto/test_c042/test_entry.c b/api-tests/dev_apis/crypto/test_c042/test_entry.c
new file mode 100644
index 0000000..7687142
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c042/test_entry.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c042.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 42)
+#define TEST_DESC "Testing crypto asymmetric APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c042_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/test_c043/source.mk b/api-tests/dev_apis/crypto/test_c043/source.mk
new file mode 100644
index 0000000..e6c3468
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c043/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c043.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/crypto/test_c043/test_c043.c b/api-tests/dev_apis/crypto/test_c043/test_c043.c
new file mode 100644
index 0000000..f5aea37
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c043/test_c043.c
@@ -0,0 +1,181 @@
+
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c043.h"
+#include "test_data.h"
+
+client_test_t test_c043_crypto_list[] = {
+ NULL,
+ psa_key_agreement_test,
+ psa_key_agreement_negative_test,
+ NULL,
+};
+
+static int g_test_count = 1;
+static uint8_t output[SIZE_50B];
+
+int32_t psa_key_agreement_test(security_t caller)
+{
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ int32_t i, status;
+ size_t capacity;
+ psa_key_policy_t policy;
+ psa_crypto_generator_t generator = {0};
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check1[i].key_type,
+ check1[i].key_length, &check1[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(3));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_handle,
+ &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(4));
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_handle,
+ check1[i].key_type, check1[i].key_data, check1[i].key_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Set up a key agreement operation */
+ status = val->crypto_function(VAL_CRYPTO_KEY_AGREEMENT, &generator,
+ check1[i].key_handle, check1[i].peer_key, check1[i].peer_key_length,
+ check1[i].key_alg);
+ TEST_ASSERT_EQUAL(status, check1[i].expected_status, TEST_CHECKPOINT_NUM(6));
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ {
+ /* Abort a generator */
+ status = val->crypto_function(VAL_CRYPTO_GENERATOR_ABORT, &generator);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(7));
+ continue;
+ }
+
+ /* Retrieve the current capacity of a generator */
+ status = val->crypto_function(VAL_CRYPTO_GET_GENERATOR_CAPACITY, &generator, &capacity);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(8));
+
+ /* Check if the generator capacity matches with the expected capacity */
+ TEST_ASSERT_EQUAL(capacity, check1[i].expected_capacity, TEST_CHECKPOINT_NUM(9));
+
+ /* Read some data from a generator */
+ status = val->crypto_function(VAL_CRYPTO_GENERATOR_READ, &generator, output,
+ check1[i].expected_output_length);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(10));
+
+ /* Check if the output matches with the expected data */
+ TEST_ASSERT_MEMCMP(output, check1[i].expected_output, check1[i].expected_output_length,
+ TEST_CHECKPOINT_NUM(11));
+
+ /* Abort a generator */
+ status = val->crypto_function(VAL_CRYPTO_GENERATOR_ABORT, &generator);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(12));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_key_agreement_negative_test(security_t caller)
+{
+ int num_checks = sizeof(check2)/sizeof(check2[0]);
+ int32_t i, status;
+ psa_key_policy_t policy;
+ psa_crypto_generator_t generator = {0};
+
+ /* Initialize the PSA crypto library*/
+ status = val->crypto_function(VAL_CRYPTO_INIT);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(1));
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] Test psa_key_agreement - Invalid key handle\n",
+ g_test_count++);
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Setting up the watchdog timer for each check */
+ status = val->wd_reprogram_timer(WD_CRYPTO_TIMEOUT);
+ TEST_ASSERT_EQUAL(status, VAL_STATUS_SUCCESS, TEST_CHECKPOINT_NUM(2));
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
+ check2[i].key_alg);
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_key_agreement - Invalid key handle\n",
+ g_test_count++);
+ /* Set up a key agreement operation */
+ status = val->crypto_function(VAL_CRYPTO_KEY_AGREEMENT, &generator,
+ check2[i].key_handle, check2[i].peer_key, check2[i].peer_key_length,
+ check2[i].key_alg);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(3));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_key_agreement - Zero as key handle\n",
+ g_test_count++);
+ /* Set up a key agreement operation */
+ status = val->crypto_function(VAL_CRYPTO_KEY_AGREEMENT, &generator,
+ 0, check2[i].peer_key, check2[i].peer_key_length,
+ check2[i].key_alg);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_INVALID_HANDLE, TEST_CHECKPOINT_NUM(4));
+
+ val->print(PRINT_TEST, "[Check %d] Test psa_key_agreement - Empty key handle\n",
+ g_test_count++);
+ /* Allocate a key slot for a transient key */
+ status = val->crypto_function(VAL_CRYPTO_ALLOCATE_KEY, check2[i].key_type,
+ check2[i].key_length, &check2[i].key_handle);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(5));
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_handle,
+ &policy);
+ TEST_ASSERT_EQUAL(status, PSA_SUCCESS, TEST_CHECKPOINT_NUM(6));
+
+ /* Set up a key agreement operation */
+ status = val->crypto_function(VAL_CRYPTO_KEY_AGREEMENT, &generator,
+ check2[i].key_handle, check2[i].peer_key, check2[i].peer_key_length,
+ check2[i].key_alg);
+ TEST_ASSERT_EQUAL(status, PSA_ERROR_EMPTY_SLOT, TEST_CHECKPOINT_NUM(7));
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/crypto/test_c043/test_c043.h b/api-tests/dev_apis/crypto/test_c043/test_c043.h
new file mode 100644
index 0000000..0192b6e
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c043/test_c043.h
@@ -0,0 +1,31 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C043_CLIENT_TESTS_H_
+#define _TEST_C043_CLIENT_TESTS_H_
+
+#include "val_crypto.h"
+#define test_entry CONCAT(test_entry_,c043)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c043_crypto_list[];
+
+int32_t psa_key_agreement_test(security_t caller);
+int32_t psa_key_agreement_negative_test(security_t caller);
+#endif /* _TEST_C043_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/crypto/test_c043/test_data.h b/api-tests/dev_apis/crypto/test_c043/test_data.h
new file mode 100644
index 0000000..675bb59
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c043/test_data.h
@@ -0,0 +1,190 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_handle_t key_handle;
+ psa_key_type_t key_type;
+ uint8_t key_data[91];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ uint8_t peer_key[120];
+ size_t peer_key_length;
+ uint8_t expected_output[48];
+ size_t expected_output_length;
+ size_t expected_capacity;
+ psa_status_t expected_status;
+} test_data;
+
+
+static test_data check1[] = {
+{"Test psa_key_agreement - ECDH SECP256R1\n", 1,
+ PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1),
+{0xc8, 0x8f, 0x01, 0xf5, 0x10, 0xd9, 0xac, 0x3f, 0x70, 0xa2, 0x92, 0xda, 0xa2,
+ 0x31, 0x6d, 0xe5, 0x44, 0xe9, 0xaa, 0xb8, 0xaf, 0xe8, 0x40, 0x49, 0xc6, 0x2a,
+ 0x9c, 0x57, 0x86, 0x2d, 0x14, 0x33}, 32, PSA_KEY_USAGE_DERIVE, PSA_ALG_ECDH(PSA_ALG_SELECT_RAW),
+{0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01,
+ 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00,
+ 0x04, 0xd1, 0x2d, 0xfb, 0x52, 0x89, 0xc8, 0xd4, 0xf8, 0x12, 0x08, 0xb7, 0x02,
+ 0x70, 0x39, 0x8c, 0x34, 0x22, 0x96, 0x97, 0x0a, 0x0b, 0xcc, 0xb7, 0x4c, 0x73,
+ 0x6f, 0xc7, 0x55, 0x44, 0x94, 0xbf, 0x63, 0x56, 0xfb, 0xf3, 0xca, 0x36, 0x6c,
+ 0xc2, 0x3e, 0x81, 0x57, 0x85, 0x4c, 0x13, 0xc5, 0x8d, 0x6a, 0xac, 0x23, 0xf0,
+ 0x46, 0xad, 0xa3, 0x0f, 0x83, 0x53, 0xe7, 0x4f, 0x33, 0x03, 0x98, 0x72, 0xab},
+ 91,
+{0xd6, 0x84, 0x0f, 0x6b, 0x42, 0xf6, 0xed, 0xaf, 0xd1, 0x31, 0x16, 0xe0, 0xe1,
+ 0x25, 0x65, 0x20, 0x2f, 0xef, 0x8e, 0x9e, 0xce, 0x7d, 0xce, 0x03, 0x81, 0x24,
+ 0x64, 0xd0, 0x4b, 0x94, 0x42, 0xde}, 32, 32, PSA_SUCCESS
+},
+
+{"Test psa_key_agreement - ECDH SECP384R1\n", 2,
+ PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP384R1),
+{0x09, 0x9f, 0x3c, 0x70, 0x34, 0xd4, 0xa2, 0xc6, 0x99, 0x88, 0x4d, 0x73, 0xa3,
+ 0x75, 0xa6, 0x7f, 0x76, 0x24, 0xef, 0x7c, 0x6b, 0x3c, 0x0f, 0x16, 0x06, 0x47,
+ 0xb6, 0x74, 0x14, 0xdc, 0xe6, 0x55, 0xe3, 0x5b, 0x53, 0x80, 0x41, 0xe6, 0x49,
+ 0xee, 0x3f, 0xae, 0xf8, 0x96, 0x78, 0x3a, 0xb1, 0x94}, 48, PSA_KEY_USAGE_DERIVE,
+ PSA_ALG_ECDH(PSA_ALG_SELECT_RAW),
+{0x30, 0x76, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01,
+ 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x22, 0x03, 0x62, 0x00, 0x04, 0xe5, 0x58,
+ 0xdb, 0xef, 0x53, 0xee, 0xcd, 0xe3, 0xd3, 0xfc, 0xcf, 0xc1, 0xae, 0xa0, 0x8a,
+ 0x89, 0xa9, 0x87, 0x47, 0x5d, 0x12, 0xfd, 0x95, 0x0d, 0x83, 0xcf, 0xa4, 0x17,
+ 0x32, 0xbc, 0x50, 0x9d, 0x0d, 0x1a, 0xc4, 0x3a, 0x03, 0x36, 0xde, 0xf9, 0x6f,
+ 0xda, 0x41, 0xd0, 0x77, 0x4a, 0x35, 0x71, 0xdc, 0xfb, 0xec, 0x7a, 0xac, 0xf3,
+ 0x19, 0x64, 0x72, 0x16, 0x9e, 0x83, 0x84, 0x30, 0x36, 0x7f, 0x66, 0xee, 0xbe,
+ 0x3c, 0x6e, 0x70, 0xc4, 0x16, 0xdd, 0x5f, 0x0c, 0x68, 0x75, 0x9d, 0xd1, 0xff,
+ 0xf8, 0x3f, 0xa4, 0x01, 0x42, 0x20, 0x9d, 0xff, 0x5e, 0xaa, 0xd9, 0x6d, 0xb9,
+ 0xe6, 0x38, 0x6c}, 120,
+{0x11, 0x18, 0x73, 0x31, 0xc2, 0x79, 0x96, 0x2d, 0x93, 0xd6, 0x04, 0x24, 0x3f,
+ 0xd5, 0x92, 0xcb, 0x9d, 0x0a, 0x92, 0x6f, 0x42, 0x2e, 0x47, 0x18, 0x75, 0x21,
+ 0x28, 0x7e, 0x71, 0x56, 0xc5, 0xc4, 0xd6, 0x03, 0x13, 0x55, 0x69, 0xb9, 0xe9,
+ 0xd0, 0x9c, 0xf5, 0xd4, 0xa2, 0x70, 0xf5, 0x97, 0x46}, 48, 48, PSA_SUCCESS
+},
+
+{"Test psa_key_agreement - Invalid usage\n", 3,
+ PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1),
+{0xc8, 0x8f, 0x01, 0xf5, 0x10, 0xd9, 0xac, 0x3f, 0x70, 0xa2, 0x92, 0xda, 0xa2,
+ 0x31, 0x6d, 0xe5, 0x44, 0xe9, 0xaa, 0xb8, 0xaf, 0xe8, 0x40, 0x49, 0xc6, 0x2a,
+ 0x9c, 0x57, 0x86, 0x2d, 0x14, 0x33}, 32, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_ECDH(PSA_ALG_SELECT_RAW),
+{0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01,
+ 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00,
+ 0x04, 0xd1, 0x2d, 0xfb, 0x52, 0x89, 0xc8, 0xd4, 0xf8, 0x12, 0x08, 0xb7, 0x02,
+ 0x70, 0x39, 0x8c, 0x34, 0x22, 0x96, 0x97, 0x0a, 0x0b, 0xcc, 0xb7, 0x4c, 0x73,
+ 0x6f, 0xc7, 0x55, 0x44, 0x94, 0xbf, 0x63, 0x56, 0xfb, 0xf3, 0xca, 0x36, 0x6c,
+ 0xc2, 0x3e, 0x81, 0x57, 0x85, 0x4c, 0x13, 0xc5, 0x8d, 0x6a, 0xac, 0x23, 0xf0,
+ 0x46, 0xad, 0xa3, 0x0f, 0x83, 0x53, 0xe7, 0x4f, 0x33, 0x03, 0x98, 0x72, 0xab},
+ 91,
+{0xd6, 0x84, 0x0f, 0x6b, 0x42, 0xf6, 0xed, 0xaf, 0xd1, 0x31, 0x16, 0xe0, 0xe1,
+ 0x25, 0x65, 0x20, 0x2f, 0xef, 0x8e, 0x9e, 0xce, 0x7d, 0xce, 0x03, 0x81, 0x24,
+ 0x64, 0xd0, 0x4b, 0x94, 0x42, 0xde}, 32, 32, PSA_ERROR_NOT_PERMITTED
+},
+
+{"Test psa_key_agreement - Unknown KDF\n", 4,
+ PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1),
+{0xc8, 0x8f, 0x01, 0xf5, 0x10, 0xd9, 0xac, 0x3f, 0x70, 0xa2, 0x92, 0xda, 0xa2,
+ 0x31, 0x6d, 0xe5, 0x44, 0xe9, 0xaa, 0xb8, 0xaf, 0xe8, 0x40, 0x49, 0xc6, 0x2a,
+ 0x9c, 0x57, 0x86, 0x2d, 0x14, 0x33}, 32, PSA_KEY_USAGE_DERIVE, PSA_ALG_ECDH(0),
+{0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01,
+ 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00,
+ 0x04, 0xd1, 0x2d, 0xfb, 0x52, 0x89, 0xc8, 0xd4, 0xf8, 0x12, 0x08, 0xb7, 0x02,
+ 0x70, 0x39, 0x8c, 0x34, 0x22, 0x96, 0x97, 0x0a, 0x0b, 0xcc, 0xb7, 0x4c, 0x73,
+ 0x6f, 0xc7, 0x55, 0x44, 0x94, 0xbf, 0x63, 0x56, 0xfb, 0xf3, 0xca, 0x36, 0x6c,
+ 0xc2, 0x3e, 0x81, 0x57, 0x85, 0x4c, 0x13, 0xc5, 0x8d, 0x6a, 0xac, 0x23, 0xf0,
+ 0x46, 0xad, 0xa3, 0x0f, 0x83, 0x53, 0xe7, 0x4f, 0x33, 0x03, 0x98, 0x72, 0xab},
+ 91,
+{0xd6, 0x84, 0x0f, 0x6b, 0x42, 0xf6, 0xed, 0xaf, 0xd1, 0x31, 0x16, 0xe0, 0xe1,
+ 0x25, 0x65, 0x20, 0x2f, 0xef, 0x8e, 0x9e, 0xce, 0x7d, 0xce, 0x03, 0x81, 0x24,
+ 0x64, 0xd0, 0x4b, 0x94, 0x42, 0xde}, 32, 32, PSA_ERROR_NOT_SUPPORTED
+},
+
+{"Test psa_key_agreement - Not a key agreement alg\n", 5,
+ PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1),
+{0xc8, 0x8f, 0x01, 0xf5, 0x10, 0xd9, 0xac, 0x3f, 0x70, 0xa2, 0x92, 0xda, 0xa2,
+ 0x31, 0x6d, 0xe5, 0x44, 0xe9, 0xaa, 0xb8, 0xaf, 0xe8, 0x40, 0x49, 0xc6, 0x2a,
+ 0x9c, 0x57, 0x86, 0x2d, 0x14, 0x33}, 32, PSA_KEY_USAGE_DERIVE, PSA_ALG_HKDF(PSA_ALG_SHA_256),
+{0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01,
+ 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00,
+ 0x04, 0xd1, 0x2d, 0xfb, 0x52, 0x89, 0xc8, 0xd4, 0xf8, 0x12, 0x08, 0xb7, 0x02,
+ 0x70, 0x39, 0x8c, 0x34, 0x22, 0x96, 0x97, 0x0a, 0x0b, 0xcc, 0xb7, 0x4c, 0x73,
+ 0x6f, 0xc7, 0x55, 0x44, 0x94, 0xbf, 0x63, 0x56, 0xfb, 0xf3, 0xca, 0x36, 0x6c,
+ 0xc2, 0x3e, 0x81, 0x57, 0x85, 0x4c, 0x13, 0xc5, 0x8d, 0x6a, 0xac, 0x23, 0xf0,
+ 0x46, 0xad, 0xa3, 0x0f, 0x83, 0x53, 0xe7, 0x4f, 0x33, 0x03, 0x98, 0x72, 0xab},
+ 91,
+{0xd6, 0x84, 0x0f, 0x6b, 0x42, 0xf6, 0xed, 0xaf, 0xd1, 0x31, 0x16, 0xe0, 0xe1,
+ 0x25, 0x65, 0x20, 0x2f, 0xef, 0x8e, 0x9e, 0xce, 0x7d, 0xce, 0x03, 0x81, 0x24,
+ 0x64, 0xd0, 0x4b, 0x94, 0x42, 0xde}, 32, 32, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_key_agreement - Public key on different curve\n", 6,
+ PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1),
+{0xc8, 0x8f, 0x01, 0xf5, 0x10, 0xd9, 0xac, 0x3f, 0x70, 0xa2, 0x92, 0xda, 0xa2,
+ 0x31, 0x6d, 0xe5, 0x44, 0xe9, 0xaa, 0xb8, 0xaf, 0xe8, 0x40, 0x49, 0xc6, 0x2a,
+ 0x9c, 0x57, 0x86, 0x2d, 0x14, 0x33}, 32, PSA_KEY_USAGE_DERIVE, PSA_ALG_ECDH(PSA_ALG_SELECT_RAW),
+{0x30, 0x76, 0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01,
+ 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x22, 0x03, 0x62, 0x00, 0x04, 0xe5, 0x58,
+ 0xdb, 0xef, 0x53, 0xee, 0xcd, 0xe3, 0xd3, 0xfc, 0xcf, 0xc1, 0xae, 0xa0, 0x8a,
+ 0x89, 0xa9, 0x87, 0x47, 0x5d, 0x12, 0xfd, 0x95, 0x0d, 0x83, 0xcf, 0xa4, 0x17,
+ 0x32, 0xbc, 0x50, 0x9d, 0x0d, 0x1a, 0xc4, 0x3a, 0x03, 0x36, 0xde, 0xf9, 0x6f,
+ 0xda, 0x41, 0xd0, 0x77, 0x4a, 0x35, 0x71, 0xdc, 0xfb, 0xec, 0x7a, 0xac, 0xf3,
+ 0x19, 0x64, 0x72, 0x16, 0x9e, 0x83, 0x84, 0x30, 0x36, 0x7f, 0x66, 0xee, 0xbe,
+ 0x3c, 0x6e, 0x70, 0xc4, 0x16, 0xdd, 0x5f, 0x0c, 0x68, 0x75, 0x9d, 0xd1, 0xff,
+ 0xf8, 0x3f, 0xa4, 0x01, 0x42, 0x20, 0x9d, 0xff, 0x5e, 0xaa, 0xd9, 0x6d, 0xb9,
+ 0xe6, 0x38, 0x6c}, 120,
+{0}, 0, 0, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_key_agreement - Public key instead of private key\n", 7,
+ PSA_KEY_TYPE_ECC_PUBLIC_KEY(PSA_ECC_CURVE_SECP256R1),
+{0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01,
+ 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00,
+ 0x04, 0xd1, 0x2d, 0xfb, 0x52, 0x89, 0xc8, 0xd4, 0xf8, 0x12, 0x08, 0xb7, 0x02,
+ 0x70, 0x39, 0x8c, 0x34, 0x22, 0x96, 0x97, 0x0a, 0x0b, 0xcc, 0xb7, 0x4c, 0x73,
+ 0x6f, 0xc7, 0x55, 0x44, 0x94, 0xbf, 0x63, 0x56, 0xfb, 0xf3, 0xca, 0x36, 0x6c,
+ 0xc2, 0x3e, 0x81, 0x57, 0x85, 0x4c, 0x13, 0xc5, 0x8d, 0x6a, 0xac, 0x23, 0xf0,
+ 0x46, 0xad, 0xa3, 0x0f, 0x83, 0x53, 0xe7, 0x4f, 0x33, 0x03, 0x98, 0x72, 0xab},
+ 91, PSA_KEY_USAGE_DERIVE, PSA_ALG_ECDH(PSA_ALG_SELECT_RAW),
+{0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01,
+ 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00,
+ 0x04, 0xd1, 0x2d, 0xfb, 0x52, 0x89, 0xc8, 0xd4, 0xf8, 0x12, 0x08, 0xb7, 0x02,
+ 0x70, 0x39, 0x8c, 0x34, 0x22, 0x96, 0x97, 0x0a, 0x0b, 0xcc, 0xb7, 0x4c, 0x73,
+ 0x6f, 0xc7, 0x55, 0x44, 0x94, 0xbf, 0x63, 0x56, 0xfb, 0xf3, 0xca, 0x36, 0x6c,
+ 0xc2, 0x3e, 0x81, 0x57, 0x85, 0x4c, 0x13, 0xc5, 0x8d, 0x6a, 0xac, 0x23, 0xf0,
+ 0x46, 0xad, 0xa3, 0x0f, 0x83, 0x53, 0xe7, 0x4f, 0x33, 0x03, 0x98, 0x72, 0xab},
+ 91, {0}, 0, 0, PSA_ERROR_INVALID_ARGUMENT
+},
+};
+
+static test_data check2[] = {
+{"Test psa_key_agreement - Negative case\n", 8,
+ PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1),
+{0xc8, 0x8f, 0x01, 0xf5, 0x10, 0xd9, 0xac, 0x3f, 0x70, 0xa2, 0x92, 0xda, 0xa2,
+ 0x31, 0x6d, 0xe5, 0x44, 0xe9, 0xaa, 0xb8, 0xaf, 0xe8, 0x40, 0x49, 0xc6, 0x2a,
+ 0x9c, 0x57, 0x86, 0x2d, 0x14, 0x33}, 32, PSA_KEY_USAGE_DERIVE, PSA_ALG_ECDH(PSA_ALG_SELECT_RAW),
+{0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01,
+ 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00,
+ 0x04, 0xd1, 0x2d, 0xfb, 0x52, 0x89, 0xc8, 0xd4, 0xf8, 0x12, 0x08, 0xb7, 0x02,
+ 0x70, 0x39, 0x8c, 0x34, 0x22, 0x96, 0x97, 0x0a, 0x0b, 0xcc, 0xb7, 0x4c, 0x73,
+ 0x6f, 0xc7, 0x55, 0x44, 0x94, 0xbf, 0x63, 0x56, 0xfb, 0xf3, 0xca, 0x36, 0x6c,
+ 0xc2, 0x3e, 0x81, 0x57, 0x85, 0x4c, 0x13, 0xc5, 0x8d, 0x6a, 0xac, 0x23, 0xf0,
+ 0x46, 0xad, 0xa3, 0x0f, 0x83, 0x53, 0xe7, 0x4f, 0x33, 0x03, 0x98, 0x72, 0xab},
+ 91,
+{0xd6, 0x84, 0x0f, 0x6b, 0x42, 0xf6, 0xed, 0xaf, 0xd1, 0x31, 0x16, 0xe0, 0xe1,
+ 0x25, 0x65, 0x20, 0x2f, 0xef, 0x8e, 0x9e, 0xce, 0x7d, 0xce, 0x03, 0x81, 0x24,
+ 0x64, 0xd0, 0x4b, 0x94, 0x42, 0xde}, 32, 32, PSA_SUCCESS
+},
+};
diff --git a/api-tests/dev_apis/crypto/test_c043/test_entry.c b/api-tests/dev_apis/crypto/test_c043/test_entry.c
new file mode 100644
index 0000000..b1ba5e3
--- /dev/null
+++ b/api-tests/dev_apis/crypto/test_c043/test_entry.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c043.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 43)
+#define TEST_DESC "Testing crypto generator APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c043_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->crypto_function(VAL_CRYPTO_FREE);
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/crypto/testsuite.db b/api-tests/dev_apis/crypto/testsuite.db
index 8ad7c56..66170ee 100644
--- a/api-tests/dev_apis/crypto/testsuite.db
+++ b/api-tests/dev_apis/crypto/testsuite.db
@@ -1,5 +1,5 @@
#/** @file
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
# * SPDX-License-Identifier : Apache-2.0
# *
# * Licensed under the Apache License, Version 2.0 (the "License");
@@ -35,5 +35,33 @@
test_c013
test_c014
test_c015
+test_c016
+test_c017
+test_c018
+test_c019
+test_c020
+test_c021
+test_c022
+test_c023
+test_c024
+test_c025
+test_c026
+test_c027
+test_c028
+test_c029
+test_c030
+test_c031
+test_c032
+test_c033
+test_c034
+test_c035
+test_c036
+test_c037
+test_c038
+test_c039
+test_c040
+test_c041
+test_c042
+test_c043
(END)
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s001/source.mk b/api-tests/dev_apis/internal_trusted_storage/test_s001/source.mk
new file mode 100644
index 0000000..4893e7c
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s001/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_s001.c
+CC_OPTIONS = -DITS_TEST
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s001/test_entry.c b/api-tests/dev_apis/internal_trusted_storage/test_s001/test_entry.c
new file mode 100644
index 0000000..cb89692
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s001/test_entry.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_s001.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_STORAGE_BASE, 1)
+#define TEST_DESC "Key not found error check\n"
+
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_secure_storage_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_s001_sst_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s001/test_its_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s001/test_its_data.h
new file mode 100644
index 0000000..45cfc02
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s001/test_its_data.h
@@ -0,0 +1,82 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_S001_ITS_DATA_TESTS_H_
+#define _TEST_S001_ITS_DATA_TESTS_H_
+
+#include "val_internal_trusted_storage.h"
+
+#define SST_FUNCTION val->its_function
+#define psa_sst_uid_t psa_its_uid_t
+
+typedef struct {
+ char test_desc[100];
+ enum its_function_code api;
+ psa_its_status_t status;
+} test_data;
+
+static struct psa_its_info_t info;
+static test_data s001_data[] = {
+{
+ "This is dummy for index0", 0, 0
+},
+{
+ "Call the get api when no uid is set", VAL_ITS_GET, PSA_ITS_ERROR_KEY_NOT_FOUND
+},
+{
+ "Call the get_info api when no uid is set", VAL_ITS_GET_INFO, PSA_ITS_ERROR_KEY_NOT_FOUND
+},
+{
+ "Call the remove api when no uid is set", VAL_ITS_REMOVE, PSA_ITS_ERROR_KEY_NOT_FOUND
+},
+{
+ "Create a valid storage entity with uid1", VAL_ITS_SET, PSA_ITS_SUCCESS
+},
+{
+ "Create a valid storage entity with uid2", VAL_ITS_SET, PSA_ITS_SUCCESS
+},
+{
+ "Remove uid1", VAL_ITS_REMOVE, PSA_ITS_SUCCESS
+},
+{
+ "Call get api for uid1", VAL_ITS_GET, PSA_ITS_ERROR_KEY_NOT_FOUND
+},
+{
+ "Call get_info api for uid1", VAL_ITS_GET_INFO, PSA_ITS_ERROR_KEY_NOT_FOUND
+},
+{
+ "Call remove api for uid1", VAL_ITS_REMOVE, PSA_ITS_ERROR_KEY_NOT_FOUND
+},
+{
+ "Create a valid storage entity again with uid1", VAL_ITS_SET, PSA_ITS_SUCCESS
+},
+{
+ "Call get api for uid not same as uid1 or uid2", VAL_ITS_GET, PSA_ITS_ERROR_KEY_NOT_FOUND
+},
+{
+ "Call get_info for uid not same as uid1 or uid2", VAL_ITS_GET_INFO, PSA_ITS_ERROR_KEY_NOT_FOUND
+},
+{
+ "Call remove api for uid not same as uid1 or uid2", VAL_ITS_REMOVE, PSA_ITS_ERROR_KEY_NOT_FOUND
+},
+{
+ "Remove uid1", VAL_ITS_REMOVE, PSA_ITS_SUCCESS
+},
+{
+ "Remove uid2", VAL_ITS_REMOVE, PSA_ITS_SUCCESS
+},
+};
+#endif /* _TEST_S001_ITS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s001/test_ps_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s001/test_ps_data.h
new file mode 100644
index 0000000..906cb19
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s001/test_ps_data.h
@@ -0,0 +1,82 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_S001_PS_DATA_TESTS_H_
+#define _TEST_S001_PS_DATA_TESTS_H_
+
+#include "val_protected_storage.h"
+
+#define SST_FUNCTION val->ps_function
+#define psa_sst_uid_t psa_ps_uid_t
+
+typedef struct {
+ char test_desc[100];
+ enum ps_function_code api;
+ psa_ps_status_t status;
+} test_data;
+
+static struct psa_ps_info_t info;
+static test_data s001_data[] = {
+{
+ "This is dummy for index0", 0, 0
+},
+{
+ "Call the get api when no uid is set", VAL_PS_GET, PSA_PS_ERROR_KEY_NOT_FOUND
+},
+{
+ "Call the get_info api when no uid is set", VAL_PS_GET_INFO, PSA_PS_ERROR_KEY_NOT_FOUND
+},
+{
+ "Call the remove api when no uid is set", VAL_PS_REMOVE, PSA_PS_ERROR_KEY_NOT_FOUND
+},
+{
+ "Create a valid storage entity with uid1", VAL_PS_SET, PSA_PS_SUCCESS
+},
+{
+ "Create a valid storage entity with uid2", VAL_PS_SET, PSA_PS_SUCCESS
+},
+{
+ "Remove uid1", VAL_PS_REMOVE, PSA_PS_SUCCESS
+},
+{
+ "Call get api for uid1", VAL_PS_GET, PSA_PS_ERROR_KEY_NOT_FOUND
+},
+{
+ "Call get_info api for uid1", VAL_PS_GET_INFO, PSA_PS_ERROR_KEY_NOT_FOUND
+},
+{
+ "Call remove api for uid1", VAL_PS_REMOVE, PSA_PS_ERROR_KEY_NOT_FOUND
+},
+{
+ "Create a valid storage entity again with uid1", VAL_PS_SET, PSA_PS_SUCCESS
+},
+{
+ "Call get api for uid not same as uid1 or uid2", VAL_PS_GET, PSA_PS_ERROR_KEY_NOT_FOUND
+},
+{
+ "Call get_info for uid not same as uid1 or uid2", VAL_PS_GET_INFO, PSA_PS_ERROR_KEY_NOT_FOUND
+},
+{
+ "Call remove api for uid not same as uid1 or uid2", VAL_PS_REMOVE, PSA_PS_ERROR_KEY_NOT_FOUND
+},
+{
+ "Remove uid1", VAL_PS_REMOVE, PSA_PS_SUCCESS
+},
+{
+ "Remove uid2", VAL_PS_REMOVE, PSA_PS_SUCCESS
+},
+};
+#endif /* _TEST_S001_PS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s001/test_s001.c b/api-tests/dev_apis/internal_trusted_storage/test_s001/test_s001.c
new file mode 100644
index 0000000..aebeff5
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s001/test_s001.c
@@ -0,0 +1,170 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_s001.h"
+#ifdef ITS_TEST
+#include "test_its_data.h"
+#elif PS_TEST
+#include "test_ps_data.h"
+#endif
+
+#define TEST_BUFF_SIZE 16
+
+client_test_t test_s001_sst_list[] = {
+ NULL,
+ psa_sst_key_not_found,
+ NULL,
+};
+
+static uint8_t write_buff[TEST_BUFF_SIZE] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F};
+static uint8_t read_buff[TEST_BUFF_SIZE] = {0};
+
+static int32_t sst_calls_without_set_call(psa_sst_uid_t p_uid)
+{
+ uint32_t status;
+
+ /* get() without using set() before */
+ val->print(PRINT_TEST, "[Check 1] GET api call for UID %d which is not set\n", p_uid);
+ status = SST_FUNCTION(s001_data[1].api, p_uid, 0, TEST_BUFF_SIZE, read_buff);
+ TEST_ASSERT_EQUAL(status,s001_data[1].status,TEST_CHECKPOINT_NUM(1));
+
+ /* get_info() without using set() before */
+ val->print(PRINT_TEST, "[Check 2] GET_INFO api call for UID %d which is not set\n", p_uid);
+ status = SST_FUNCTION(s001_data[2].api, p_uid, &info);
+ TEST_ASSERT_EQUAL(status, s001_data[2].status, TEST_CHECKPOINT_NUM(2));
+
+ /* remove() without using set() before */
+ val->print(PRINT_TEST, "[Check 3] REMOVE api call for UID %d which is not set\n", p_uid);
+ status = SST_FUNCTION(s001_data[3].api, p_uid);
+ TEST_ASSERT_EQUAL(status, s001_data[3].status, TEST_CHECKPOINT_NUM(3));
+
+ return VAL_STATUS_SUCCESS;
+}
+
+static int32_t sst_set_and_remove(psa_sst_uid_t p_uid)
+{
+ uint32_t status;
+
+ /* set() a UID1 */
+ status = SST_FUNCTION(s001_data[4].api, p_uid, TEST_BUFF_SIZE, write_buff, 0);
+ TEST_ASSERT_EQUAL(status, s001_data[4].status, TEST_CHECKPOINT_NUM(4));
+
+ /* Also set() with a different UID */
+ status = SST_FUNCTION(s001_data[5].api, p_uid + 1, TEST_BUFF_SIZE, write_buff, 0);
+ TEST_ASSERT_EQUAL(status, s001_data[5].status, TEST_CHECKPOINT_NUM(5));
+
+ /* remove() UID1 */
+ status = SST_FUNCTION(s001_data[6].api, p_uid);
+ TEST_ASSERT_EQUAL(status, s001_data[6].status, TEST_CHECKPOINT_NUM(6));
+
+ return VAL_STATUS_SUCCESS;
+}
+
+static int32_t sst_calls_after_uid_remove(psa_sst_uid_t p_uid)
+{
+ uint32_t status;
+
+ /* get() for UID which is removed */
+ val->print(PRINT_TEST, "[Check 4] GET api call for UID %d which is removed\n", p_uid);
+ status = SST_FUNCTION(s001_data[7].api, p_uid, 0, TEST_BUFF_SIZE, read_buff);
+ TEST_ASSERT_EQUAL(status, s001_data[7].status, TEST_CHECKPOINT_NUM(7));
+
+ /* get_info() for UID which is removed */
+ val->print(PRINT_TEST, "[Check 5] GET_INFO api call for UID %d which is removed\n", p_uid);
+ status = SST_FUNCTION(s001_data[8].api, p_uid, &info);
+ TEST_ASSERT_EQUAL(status, s001_data[8].status, TEST_CHECKPOINT_NUM(8));
+
+ /* remove() for UID which is removed */
+ val->print(PRINT_TEST, "[Check 6] REMOVE api call for UID %d which is removed\n", p_uid);
+ status = SST_FUNCTION(s001_data[9].api, p_uid);
+ TEST_ASSERT_EQUAL(status, s001_data[9].status, TEST_CHECKPOINT_NUM(9));
+
+ return VAL_STATUS_SUCCESS;
+}
+
+static int32_t sst_calls_with_different_uid(psa_sst_uid_t p_uid)
+{
+ uint32_t status;
+
+ /* set() a UID */
+ val->print(PRINT_TEST, "SET storage for UID %d\n", p_uid);
+ status = SST_FUNCTION(s001_data[10].api, p_uid, TEST_BUFF_SIZE, write_buff, 0);
+ TEST_ASSERT_EQUAL(status, s001_data[10].status, TEST_CHECKPOINT_NUM(10));
+
+ /* get() for different uid then set uid */
+ val->print(PRINT_TEST, "[Check 7] GET api call for different UID %d\n", p_uid);
+ status = SST_FUNCTION(s001_data[11].api, p_uid-1, 0, TEST_BUFF_SIZE - 1, read_buff);
+ TEST_ASSERT_EQUAL(status, s001_data[11].status, TEST_CHECKPOINT_NUM(11));
+
+ /* get_info() for different uid then set uid */
+ val->print(PRINT_TEST, "[Check 8] GET_INFO api call for different UID %d\n", p_uid);
+ status = SST_FUNCTION(s001_data[12].api, p_uid-1, &info);
+ TEST_ASSERT_EQUAL(status, s001_data[12].status, TEST_CHECKPOINT_NUM(12));
+
+ /* remove() for different uid then set uid */
+ val->print(PRINT_TEST, "[Check 9] REMOVE api call for different UID %d\n", p_uid);
+ status = SST_FUNCTION(s001_data[13].api, p_uid-1);
+ TEST_ASSERT_EQUAL(status, s001_data[13].status, TEST_CHECKPOINT_NUM(13));
+
+ /* remove() the set uid */
+ status = SST_FUNCTION(s001_data[14].api, p_uid);
+ TEST_ASSERT_EQUAL(status, s001_data[14].status, TEST_CHECKPOINT_NUM(14));
+
+ return VAL_STATUS_SUCCESS;
+}
+
+static int32_t sst_remove_stray_uid(psa_sst_uid_t p_uid)
+{
+ uint32_t status;
+
+ /* Remove UID + 1 */
+ status = SST_FUNCTION(s001_data[15].api, p_uid);
+ TEST_ASSERT_EQUAL(status, s001_data[15].status, TEST_CHECKPOINT_NUM(15));
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_sst_key_not_found(security_t caller)
+{
+ int32_t test_status;
+ psa_sst_uid_t uid = UID_BASE_VALUE + 10;
+
+ test_status = sst_calls_without_set_call(uid);
+ if (test_status != VAL_STATUS_SUCCESS)
+ return test_status;
+
+ test_status = sst_set_and_remove(uid);
+ if (test_status != VAL_STATUS_SUCCESS)
+ return test_status;
+
+ test_status = sst_calls_after_uid_remove(uid);
+ if (test_status != VAL_STATUS_SUCCESS)
+ return test_status;
+
+ test_status = sst_calls_with_different_uid(uid);
+ if (test_status != VAL_STATUS_SUCCESS)
+ return test_status;
+
+ test_status = sst_remove_stray_uid(uid + 1);
+ if (test_status != VAL_STATUS_SUCCESS)
+ return test_status;
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s001/test_s001.h b/api-tests/dev_apis/internal_trusted_storage/test_s001/test_s001.h
new file mode 100644
index 0000000..a56a6e1
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s001/test_s001.h
@@ -0,0 +1,35 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_S001_CLIENT_TESTS_H_
+#define _TEST_S001_CLIENT_TESTS_H_
+
+#ifdef ITS_TEST
+#define VAL_STORAGE_BASE VAL_INTERNAL_TRUSTED_STORAGE_BASE
+#define test_entry CONCAT(test_entry_, s001)
+#elif PS_TEST
+#define VAL_STORAGE_BASE VAL_PROTECTED_STORAGE_BASE
+#define test_entry CONCAT(test_entry_, p001)
+#endif
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_s001_sst_list[];
+
+int32_t psa_sst_key_not_found(security_t caller);
+#endif /* _TEST_S001_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s002/source.mk b/api-tests/dev_apis/internal_trusted_storage/test_s002/source.mk
new file mode 100755
index 0000000..614b897
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s002/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_s002.c
+CC_OPTIONS = -DITS_TEST
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s002/test_entry.c b/api-tests/dev_apis/internal_trusted_storage/test_s002/test_entry.c
new file mode 100755
index 0000000..538a41f
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s002/test_entry.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_s002.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_STORAGE_BASE, 2)
+#define TEST_DESC "Write once error check\n"
+
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_secure_storage_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_s002_sst_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s002/test_its_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s002/test_its_data.h
new file mode 100755
index 0000000..0179c96
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s002/test_its_data.h
@@ -0,0 +1,132 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_S002_ITS_DATA_TESTS_H_
+#define _TEST_S002_ITS_DATA_TESTS_H_
+
+#include "val_internal_trusted_storage.h"
+
+#define SST_FUNCTION val->its_function
+#define PSA_SST_FLAG_WRITE_ONCE PSA_ITS_FLAG_WRITE_ONCE
+#define psa_sst_uid_t psa_its_uid_t
+
+typedef struct {
+ char test_desc[100];
+ enum its_function_code api;
+ psa_its_status_t status;
+} test_data;
+
+static struct psa_its_info_t orig_info;
+static struct psa_its_info_t new_info;
+static test_data s002_data[] = {
+{
+ "This is dummy for index0", 0, 0
+},
+{
+ "Create a valid storage with create flag value 0", VAL_ITS_SET, PSA_ITS_SUCCESS
+},
+{
+ "Call the get_info api to validate the attributes", VAL_ITS_GET_INFO, PSA_ITS_SUCCESS
+},
+{
+ "Index not used as check for get info size",0,0
+},
+{
+ "Index not used as check for get info flag",0,0
+},
+{
+ "validate the data using get api", VAL_ITS_GET, PSA_ITS_SUCCESS
+},
+{
+ "Index not used",0,0
+},
+{
+ "Change the flag to WRITE_ONCE using set api", VAL_ITS_SET, PSA_ITS_SUCCESS
+},
+{
+ "Call the get_info api to validate the flag change", VAL_ITS_GET_INFO, PSA_ITS_SUCCESS
+},
+{
+ "Index not used as check for get info size",0,0
+},
+{
+ "Index not used as check for get info flag",0,0
+},
+{
+ "validate the data using get api after flag change", VAL_ITS_GET, PSA_ITS_SUCCESS
+},
+{
+ "Index not used",0,0
+},
+{
+ " storage should not be removed after WRITE_ONCE flag", VAL_ITS_REMOVE, PSA_ITS_ERROR_WRITE_ONCE
+},
+{
+ "Create a valid storage with different uid and flag value WRITE_ONCE ", VAL_ITS_SET, PSA_ITS_SUCCESS
+},
+{
+ "storage should not be removed", VAL_ITS_REMOVE, PSA_ITS_ERROR_WRITE_ONCE
+},
+{
+ "validate the data using get api after flag change", VAL_ITS_GET, PSA_ITS_SUCCESS
+},
+{
+ "Index not used",0,0
+},
+{
+ "Call the get_info api to validate the flag change", VAL_ITS_GET_INFO, PSA_ITS_SUCCESS
+},
+{
+ "Index not used as check for get info size",0,0
+},
+{
+ "Index not used as check for get info flag",0,0
+},
+{
+ "try to set different size for same uid and flag value ", VAL_ITS_SET, PSA_ITS_ERROR_WRITE_ONCE
+},
+{
+ "storage should not be removed", VAL_ITS_REMOVE, PSA_ITS_ERROR_WRITE_ONCE
+},
+{
+ "Call the get_info api to validate the flag change", VAL_ITS_GET_INFO, PSA_ITS_SUCCESS
+},
+{
+ "Index not used as check for get info size",0,0
+},
+{
+ "Index not used as check for get info flag",0,0
+},
+{
+ "validate the data using get api after flag change", VAL_ITS_GET, PSA_ITS_SUCCESS
+},
+{
+ "Index not used",0,0
+},
+{
+ "Setting flag to zero for uid should fail ", VAL_ITS_SET, PSA_ITS_ERROR_WRITE_ONCE
+},
+{
+ "Check that the WRITE_ONCE flag is preserved", VAL_ITS_GET_INFO, PSA_ITS_SUCCESS
+},
+{
+ "Index not used as check for get info size",0,0
+},
+{
+ "Index not used as check for get info flag",0,0
+},
+};
+#endif /* _TEST_S001_ITS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s002/test_ps_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s002/test_ps_data.h
new file mode 100755
index 0000000..df4ce83
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s002/test_ps_data.h
@@ -0,0 +1,132 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_S002_PS_DATA_TESTS_H_
+#define _TEST_S002_PS_DATA_TESTS_H_
+
+#include "val_protected_storage.h"
+
+#define SST_FUNCTION val->ps_function
+#define PSA_SST_FLAG_WRITE_ONCE PSA_PS_FLAG_WRITE_ONCE
+#define psa_sst_uid_t psa_ps_uid_t
+
+typedef struct {
+ char test_desc[100];
+ enum ps_function_code api;
+ psa_ps_status_t status;
+} test_data;
+
+static struct psa_ps_info_t orig_info;
+static struct psa_ps_info_t new_info;
+static test_data s002_data[] = {
+{
+ "This is dummy for index0", 0, 0
+},
+{
+ "Create a valid storage with create flag value 0", VAL_PS_SET, PSA_PS_SUCCESS
+},
+{
+ "Call the get_info api to validate the attributes", VAL_PS_GET_INFO, PSA_PS_SUCCESS
+},
+{
+ "Index not used as check for get info size",0,0
+},
+{
+ "Index not used as check for get info flag",0,0
+},
+{
+ "validate the data using get api", VAL_PS_GET, PSA_PS_SUCCESS
+},
+{
+ "Index not used",0,0
+},
+{
+ "Change the flag to WRITE_ONCE using set api", VAL_PS_SET, PSA_PS_SUCCESS
+},
+{
+ "Call the get_info api to validate the flag change", VAL_PS_GET_INFO, PSA_PS_SUCCESS
+},
+{
+ "Index not used as check for get info size",0,0
+},
+{
+ "Index not used as check for get info flag",0,0
+},
+{
+ "validate the data using get api after flag change", VAL_PS_GET, PSA_PS_SUCCESS
+},
+{
+ "Index not used",0,0
+},
+{
+ " storage should not be removed after WRITE_ONCE flag", VAL_PS_REMOVE, PSA_PS_ERROR_WRITE_ONCE
+},
+{
+ "Create a valid storage with different uid and flag value WRITE_ONCE ", VAL_PS_SET, PSA_PS_SUCCESS
+},
+{
+ "storage should not be removed", VAL_PS_REMOVE, PSA_PS_ERROR_WRITE_ONCE
+},
+{
+ "validate the data using get api after flag change", VAL_PS_GET, PSA_PS_SUCCESS
+},
+{
+ "Index not used",0,0
+},
+{
+ "Call the get_info api to validate the flag change", VAL_PS_GET_INFO, PSA_PS_SUCCESS
+},
+{
+ "Index not used as check for get info size",0,0
+},
+{
+ "Index not used as check for get info flag",0,0
+},
+{
+ "try to set different size for same uid and flag value ", VAL_PS_SET, PSA_PS_ERROR_WRITE_ONCE
+},
+{
+ "storage should not be removed", VAL_PS_REMOVE, PSA_PS_ERROR_WRITE_ONCE
+},
+{
+ "Call the get_info api to validate the flag change", VAL_PS_GET_INFO, PSA_PS_SUCCESS
+},
+{
+ "Index not used as check for get info size",0,0
+},
+{
+ "Index not used as check for get info flag",0,0
+},
+{
+ "validate the data using get api after flag change", VAL_PS_GET, PSA_PS_SUCCESS
+},
+{
+ "Index not used",0,0
+},
+{
+ "Setting flag to zero for uid should fail ", VAL_PS_SET, PSA_PS_ERROR_WRITE_ONCE
+},
+{
+ "Check that the WRITE_ONCE flag is preserved", VAL_PS_GET_INFO, PSA_PS_SUCCESS
+},
+{
+ "Index not used as check for get info size",0,0
+},
+{
+ "Index not used as check for get info flag",0,0
+},
+};
+#endif /* _TEST_S001_PS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s002/test_s002.c b/api-tests/dev_apis/internal_trusted_storage/test_s002/test_s002.c
new file mode 100755
index 0000000..e4d819b
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s002/test_s002.c
@@ -0,0 +1,161 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or sst affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_s002.h"
+#ifdef ITS_TEST
+#include "test_its_data.h"
+#elif PS_TEST
+#include "test_ps_data.h"
+#endif
+
+#define UID_WRITE_ONCE_1 UID_BASE_VALUE + 14
+#define UID_WRITE_ONCE_2 UID_BASE_VALUE + 15
+#define TEST_BUFF_SIZE 16
+
+client_test_t test_s002_sst_list[] = {
+ NULL,
+ psa_sst_update_write_once_flag_after_create,
+ psa_sst_create_with_write_once_flag,
+ NULL,
+};
+
+int32_t psa_sst_update_write_once_flag_after_create(security_t caller)
+{
+ uint32_t status;
+ psa_sst_uid_t uid = UID_WRITE_ONCE_1;
+ uint8_t write_buff[TEST_BUFF_SIZE/2] = {0xDE, 0xAD, 0xBE, 0xEF, 0xCA, 0xFE, 0xBA, 0xBE};
+ uint8_t read_buff[TEST_BUFF_SIZE/2] = {0};
+ uint8_t write_buff_new[TEST_BUFF_SIZE/4] = {0xFF, 0xFF, 0xFF, 0xFF};
+
+ /* set() data without a WRITE_ONCE flag */
+ status = SST_FUNCTION(s002_data[1].api, uid, TEST_BUFF_SIZE/2, write_buff, 0);
+ TEST_ASSERT_EQUAL(status, s002_data[1].status, TEST_CHECKPOINT_NUM(1));
+
+ /* Check that get_info() returns correct attributes; also store for reference for later */
+ status = SST_FUNCTION(s002_data[2].api, uid, &orig_info);
+ TEST_ASSERT_EQUAL(status, s002_data[2].status, TEST_CHECKPOINT_NUM(2));
+ TEST_ASSERT_EQUAL(orig_info.size, TEST_BUFF_SIZE/2, TEST_CHECKPOINT_NUM(3));
+ TEST_ASSERT_EQUAL(orig_info.flags, 0, TEST_CHECKPOINT_NUM(4));
+
+ /* Check for data consistency using get() */
+ status = SST_FUNCTION(s002_data[5].api, uid, 0, TEST_BUFF_SIZE/2, read_buff);
+ TEST_ASSERT_EQUAL(status, s002_data[5].status, TEST_CHECKPOINT_NUM(5));
+ TEST_ASSERT_MEMCMP(write_buff, read_buff, TEST_BUFF_SIZE/2, TEST_CHECKPOINT_NUM(6));
+
+ /* set() with WRITE_ONCE_FLAG */
+ val->print(PRINT_TEST, "[Check 1] Update the flag of UID %d with WRITE_ONCE flag\n", uid);
+ status = SST_FUNCTION(s002_data[7].api, uid, TEST_BUFF_SIZE/4, write_buff_new,
+ PSA_SST_FLAG_WRITE_ONCE);
+ TEST_ASSERT_EQUAL(status, s002_data[7].status, TEST_CHECKPOINT_NUM(7));
+
+ /* Check that info is updated, after new set */
+ status = SST_FUNCTION(s002_data[8].api, uid, &new_info);
+ TEST_ASSERT_EQUAL(status, s002_data[8].status, TEST_CHECKPOINT_NUM(8));
+ TEST_ASSERT_EQUAL(new_info.size, new_info.size, TEST_CHECKPOINT_NUM(9));
+ TEST_ASSERT_EQUAL(new_info.flags, new_info.flags, TEST_CHECKPOINT_NUM(10));
+
+ /* Check that data contents are preserved which were written with WRITE_ONCE_FLAG originally */
+ status = SST_FUNCTION(s002_data[11].api, uid, 0, TEST_BUFF_SIZE/4, read_buff);
+ TEST_ASSERT_EQUAL(status, s002_data[11].status, TEST_CHECKPOINT_NUM(11));
+ TEST_ASSERT_MEMCMP(write_buff_new, read_buff, TEST_BUFF_SIZE/4, TEST_CHECKPOINT_NUM(12));
+
+ /* remove() the UID */
+ val->print(PRINT_TEST, "[Check 2] Try to remove the uid %d having WRITE_ONCE flag\n", uid);
+ status = SST_FUNCTION(s002_data[13].api, uid);
+ TEST_ASSERT_EQUAL(status, s002_data[13].status, TEST_CHECKPOINT_NUM(13));
+
+ return VAL_STATUS_SUCCESS;
+}
+
+
+int32_t psa_sst_create_with_write_once_flag(security_t caller)
+{
+ uint32_t status;
+ psa_sst_uid_t uid = UID_WRITE_ONCE_2;
+ uint8_t write_buff[TEST_BUFF_SIZE] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F};
+ uint8_t read_buff[TEST_BUFF_SIZE] = {0};
+ uint8_t write_buff_new[TEST_BUFF_SIZE + 1] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF};
+
+ /* Set data for a UID using WRITE_ONCE flag */
+ val->print(PRINT_TEST, "[Check 3] Create a new UID %d with WRITE_ONCE flag\n", uid);
+ status = SST_FUNCTION(s002_data[14].api, uid, TEST_BUFF_SIZE, write_buff,
+ PSA_SST_FLAG_WRITE_ONCE);
+ TEST_ASSERT_EQUAL(status, s002_data[14].status, TEST_CHECKPOINT_NUM(14));
+
+ /* Check that remove() fails with PSA_SST_ERROR_WRITE_ONCE */
+ val->print(PRINT_TEST, "[Check 4] Try to remove the UID %d having WRITE_ONCE flag\n", uid);
+ status = SST_FUNCTION(s002_data[15].api, uid);
+ TEST_ASSERT_EQUAL(status, s002_data[15].status, TEST_CHECKPOINT_NUM(15));
+
+ /* Check data consistency using get()*/
+ status = SST_FUNCTION(s002_data[16].api, uid, 0, TEST_BUFF_SIZE, read_buff);
+ TEST_ASSERT_EQUAL(status, s002_data[16].status, TEST_CHECKPOINT_NUM(16));
+ TEST_ASSERT_MEMCMP(write_buff, read_buff, TEST_BUFF_SIZE, TEST_CHECKPOINT_NUM(17));
+
+ /* Check that info values is as expected */
+ status = SST_FUNCTION(s002_data[18].api, uid, &orig_info);
+ TEST_ASSERT_EQUAL(status, s002_data[18].status, TEST_CHECKPOINT_NUM(18));
+ TEST_ASSERT_EQUAL(orig_info.size, TEST_BUFF_SIZE, TEST_CHECKPOINT_NUM(19));
+ TEST_ASSERT_EQUAL(orig_info.flags, PSA_SST_FLAG_WRITE_ONCE, TEST_CHECKPOINT_NUM(20));
+
+ /* Try to overwrite using set() with same UID as used before with WRITE_ONCE_FLAG */
+ val->print(PRINT_TEST, "[Check 5] Try to change the length of write_once UID %d\n", uid);
+ status = SST_FUNCTION(s002_data[21].api, uid, (TEST_BUFF_SIZE + 1), write_buff_new,
+ PSA_SST_FLAG_WRITE_ONCE);
+ TEST_ASSERT_EQUAL(status, s002_data[21].status, TEST_CHECKPOINT_NUM(21));
+
+ /* Check that remove() still fails with PSA_SST_ERROR_WRITE_ONCE */
+ val->print(PRINT_TEST, "[Check 6] Check UID removal still fails\n", 0);
+ status = SST_FUNCTION(s002_data[22].api, uid);
+ TEST_ASSERT_EQUAL(status, s002_data[22].status, TEST_CHECKPOINT_NUM(22));
+
+ /* Check that info is preserved */
+ status = SST_FUNCTION(s002_data[23].api, uid, &new_info);
+ TEST_ASSERT_EQUAL(status, s002_data[23].status, TEST_CHECKPOINT_NUM(23));
+ TEST_ASSERT_EQUAL(new_info.size, orig_info.size, TEST_CHECKPOINT_NUM(24));
+ TEST_ASSERT_EQUAL(new_info.flags, orig_info.flags, TEST_CHECKPOINT_NUM(25));
+
+ /* Check that data contents are preserved which were written with WRITE_ONCE_FLAG originally */
+ status = SST_FUNCTION(s002_data[26].api, uid, 0, TEST_BUFF_SIZE, read_buff);
+ TEST_ASSERT_EQUAL(status, s002_data[26].status, TEST_CHECKPOINT_NUM(26));
+ TEST_ASSERT_MEMCMP(write_buff, read_buff, TEST_BUFF_SIZE, TEST_CHECKPOINT_NUM(27));
+
+ /* Try to overwrite using set() with same UID as used before without WRITE_ONCE_FLAG */
+ val->print(PRINT_TEST, "[Check 7] Try to change the WRITE_ONCE flag to None for UID %d\n", uid);
+ new_info.size = 0;
+ new_info.flags = 0;
+ status = SST_FUNCTION(s002_data[28].api, uid, (TEST_BUFF_SIZE - 1), write_buff_new, 0);
+ TEST_ASSERT_EQUAL(status, s002_data[28].status, TEST_CHECKPOINT_NUM(28));
+
+ /* Check that remove() still fails with PSA_SST_ERROR_WRITE_ONCE */
+ val->print(PRINT_TEST, "[Check 8] Check UID removal still fails\n", 0);
+ status = SST_FUNCTION(s002_data[29].api, uid);
+ TEST_ASSERT_EQUAL(status, s002_data[29].status, TEST_CHECKPOINT_NUM(29));
+
+ /* Check that info is preserved */
+ status = SST_FUNCTION(s002_data[30].api, uid, &new_info);
+ TEST_ASSERT_EQUAL(status, s002_data[30].status, TEST_CHECKPOINT_NUM(30));
+ TEST_ASSERT_EQUAL(new_info.size, orig_info.size, TEST_CHECKPOINT_NUM(31));
+ TEST_ASSERT_EQUAL(new_info.flags, orig_info.flags, TEST_CHECKPOINT_NUM(32));
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s002/test_s002.h b/api-tests/dev_apis/internal_trusted_storage/test_s002/test_s002.h
new file mode 100755
index 0000000..91c7aef
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s002/test_s002.h
@@ -0,0 +1,36 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_S002_CLIENT_TESTS_H_
+#define _TEST_S002_CLIENT_TESTS_H_
+
+#ifdef ITS_TEST
+#define VAL_STORAGE_BASE VAL_INTERNAL_TRUSTED_STORAGE_BASE
+#define test_entry CONCAT(test_entry_, s002)
+#elif PS_TEST
+#define VAL_STORAGE_BASE VAL_PROTECTED_STORAGE_BASE
+#define test_entry CONCAT(test_entry_, p002)
+#endif
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_s002_sst_list[];
+
+int32_t psa_sst_update_write_once_flag_after_create(security_t caller);
+int32_t psa_sst_create_with_write_once_flag(security_t caller);
+#endif /* _TEST_S002_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s003/source.mk b/api-tests/dev_apis/internal_trusted_storage/test_s003/source.mk
new file mode 100755
index 0000000..6ab2796
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s003/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_s003.c
+CC_OPTIONS = -DITS_TEST
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s003/test_entry.c b/api-tests/dev_apis/internal_trusted_storage/test_s003/test_entry.c
new file mode 100755
index 0000000..1648dd6
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s003/test_entry.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_s003.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_STORAGE_BASE, 3)
+#define TEST_DESC "Insufficient space error check\n"
+
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_secure_storage_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_s003_sst_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s003/test_its_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s003/test_its_data.h
new file mode 100755
index 0000000..671a20e
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s003/test_its_data.h
@@ -0,0 +1,43 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_S003_ITS_DATA_TESTS_H_
+#define _TEST_S003_ITS_DATA_TESTS_H_
+
+#include "val_internal_trusted_storage.h"
+
+#define SST_FUNCTION val->its_function
+#define PSA_SST_SUCCESS PSA_ITS_SUCCESS
+#define psa_sst_uid_t psa_its_uid_t
+
+typedef struct {
+ char test_desc[100];
+ enum its_function_code api;
+ psa_its_status_t status;
+} test_data;
+
+static test_data s003_data[] = {
+{
+ "This is dummy for index0", 0, 0
+},
+{
+ "Call set api till all the storage space is exhausted", VAL_ITS_SET, PSA_ITS_ERROR_INSUFFICIENT_SPACE
+},
+{
+ "Remove the uid created", VAL_ITS_REMOVE, PSA_ITS_SUCCESS
+},
+};
+#endif /* _TEST_S003_ITS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s003/test_ps_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s003/test_ps_data.h
new file mode 100755
index 0000000..7c2c82e
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s003/test_ps_data.h
@@ -0,0 +1,43 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_S003_PS_DATA_TESTS_H_
+#define _TEST_S003_PS_DATA_TESTS_H_
+
+#include "val_protected_storage.h"
+
+#define SST_FUNCTION val->ps_function
+#define PSA_SST_SUCCESS PSA_PS_SUCCESS
+#define psa_sst_uid_t psa_ps_uid_t
+
+typedef struct {
+ char test_desc[100];
+ enum ps_function_code api;
+ psa_ps_status_t status;
+} test_data;
+
+static test_data s003_data[] = {
+{
+ "This is dummy for index0", 0, 0
+},
+{
+ "Call set api till all the storage space is exhausted", VAL_PS_SET, PSA_PS_ERROR_INSUFFICIENT_SPACE
+},
+{
+ "Remove the uid created", VAL_PS_REMOVE, PSA_PS_SUCCESS
+},
+};
+#endif /* _TEST_S003_PS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s003/test_s003.c b/api-tests/dev_apis/internal_trusted_storage/test_s003/test_s003.c
new file mode 100755
index 0000000..38a568f
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s003/test_s003.c
@@ -0,0 +1,83 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_s003.h"
+#if ITS_TEST
+#include "test_its_data.h"
+#elif PS_TEST
+#include "test_ps_data.h"
+#endif
+
+#define TEST_BUFF_SIZE 256
+#define NUM_ITERATIONS 5
+
+client_test_t test_s003_sst_list[] = {
+ NULL,
+ psa_sst_insufficient_space,
+ NULL,
+};
+
+static uint8_t write_buff[TEST_BUFF_SIZE];
+
+int32_t psa_sst_insufficient_space(security_t caller)
+{
+ uint32_t status = PSA_SST_SUCCESS;
+ psa_sst_uid_t uid;
+ uint32_t count = 0, results[NUM_ITERATIONS] = {0};
+ int i = 0;
+
+ /* Saturate the storage for NUM_ITERATION times, and remove them after */
+ for (i = 0 ; i < NUM_ITERATIONS; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] Overload storage space\n", i + 1 );
+ for (uid = 1; status == PSA_SST_SUCCESS; uid++)
+ {
+ val->print(PRINT_INFO, "Setting 0x%x bytes for ", TEST_BUFF_SIZE);
+ val->print(PRINT_INFO, "UID 0x%x\n", uid);
+ status = SST_FUNCTION(s003_data[1].api, uid, TEST_BUFF_SIZE, write_buff, 0);
+ }
+ TEST_ASSERT_EQUAL(status, s003_data[1].status, TEST_CHECKPOINT_NUM(1));
+
+ /* Store number of set()s it took to saturate the storage */
+ count = uid;
+ results[i] = uid - 1;
+
+ val->print(PRINT_TEST, "Remove all registered UIDs\n", 0);
+ for (uid = 1; uid < count; uid++)
+ {
+ status = SST_FUNCTION(s003_data[2].api, uid);
+ if (status != PSA_SST_SUCCESS)
+ return VAL_STATUS_ERROR;
+ }
+ TEST_ASSERT_EQUAL(status, s003_data[2].status, TEST_CHECKPOINT_NUM(2));
+ }
+
+ /* Check that it takes equal number of UIDs to fill up the storage each time */
+ for (i = 0; i < (NUM_ITERATIONS -1); i++)
+ {
+ if (results[i] != results[i+1])
+ {
+ val->print(PRINT_ERROR, "\tERROR : Mismatch between number of UIDs required to\n", 0);
+ val->print(PRINT_ERROR, "\t fill up the storage between iteration %d", i);
+ val->print(PRINT_ERROR, " and iteration %d\n", i+1);
+ return VAL_STATUS_ERROR;
+ }
+ }
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s003/test_s003.h b/api-tests/dev_apis/internal_trusted_storage/test_s003/test_s003.h
new file mode 100755
index 0000000..ab2d6aa
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s003/test_s003.h
@@ -0,0 +1,35 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_S003_CLIENT_TESTS_H_
+#define _TEST_S003_CLIENT_TESTS_H_
+
+#ifdef ITS_TEST
+#define VAL_STORAGE_BASE VAL_INTERNAL_TRUSTED_STORAGE_BASE
+#define test_entry CONCAT(test_entry_, s003)
+#elif PS_TEST
+#define VAL_STORAGE_BASE VAL_PROTECTED_STORAGE_BASE
+#define test_entry CONCAT(test_entry_, p003)
+#endif
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_s003_sst_list[];
+
+int32_t psa_sst_insufficient_space(security_t caller);
+#endif /* _TEST_S003_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s004/source.mk b/api-tests/dev_apis/internal_trusted_storage/test_s004/source.mk
new file mode 100755
index 0000000..8c265c5
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s004/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_s004.c
+CC_OPTIONS = -DITS_TEST
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s004/test_entry.c b/api-tests/dev_apis/internal_trusted_storage/test_s004/test_entry.c
new file mode 100755
index 0000000..f0d566b
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s004/test_entry.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_s004.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_STORAGE_BASE, 4)
+#define TEST_DESC "Invalid offset error check\n"
+
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_secure_storage_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_s004_sst_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s004/test_its_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s004/test_its_data.h
new file mode 100755
index 0000000..ab29232
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s004/test_its_data.h
@@ -0,0 +1,66 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_S004_ITS_DATA_TESTS_H_
+#define _TEST_S004_ITS_DATA_TESTS_H_
+
+#include "val_internal_trusted_storage.h"
+
+#define SST_FUNCTION val->its_function
+#define psa_sst_uid_t psa_its_uid_t
+
+typedef struct {
+ char test_desc[100];
+ enum its_function_code api;
+ psa_its_status_t status;
+} test_data;
+
+static test_data s004_data[] = {
+{
+ "This is dummy for index0", 0, 0
+},
+{
+ "Create a valid storage entity ", VAL_ITS_SET, PSA_ITS_SUCCESS
+},
+{
+ "validate the data using get api after set api failure", VAL_ITS_GET, PSA_ITS_SUCCESS
+},
+{
+ "Index not used",0,0
+},
+{
+ "For same uid set the length as half of previous", VAL_ITS_SET, PSA_ITS_SUCCESS
+},
+{
+ "Call get with incorrect length", VAL_ITS_GET, PSA_ITS_ERROR_INCORRECT_SIZE
+},
+{
+ "No data should be returned",0,0
+},
+{
+ "Call get api with correct length", VAL_ITS_GET, PSA_ITS_SUCCESS
+},
+{
+ "No data should be returned",0,0
+},
+{
+ "Check that we should not be able to access the old data",0,0
+},
+{
+ "Remove the valid storage entity ", VAL_ITS_REMOVE, PSA_ITS_SUCCESS
+},
+};
+#endif /* _TEST_S004_ITS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s004/test_ps_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s004/test_ps_data.h
new file mode 100755
index 0000000..177bb86
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s004/test_ps_data.h
@@ -0,0 +1,66 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_S004_PS_DATA_TESTS_H_
+#define _TEST_S004_PS_DATA_TESTS_H_
+
+#include "val_protected_storage.h"
+
+#define SST_FUNCTION val->ps_function
+#define psa_sst_uid_t psa_ps_uid_t
+
+typedef struct {
+ char test_desc[100];
+ enum ps_function_code api;
+ psa_ps_status_t status;
+} test_data;
+
+static test_data s004_data[] = {
+{
+ "This is dummy for index0", 0, 0
+},
+{
+ "Create a valid storage entity ", VAL_PS_SET, PSA_PS_SUCCESS
+},
+{
+ "validate the data using get api after set api failure", VAL_PS_GET, PSA_PS_SUCCESS
+},
+{
+ "Index not used",0,0
+},
+{
+ "For same uid set the length as half of previous", VAL_PS_SET, PSA_PS_SUCCESS
+},
+{
+ "Call get with incorrect length", VAL_PS_GET, PSA_PS_ERROR_INCORRECT_SIZE
+},
+{
+ "No data should be returned",0,0
+},
+{
+ "Call get api with correct length", VAL_PS_GET, PSA_PS_SUCCESS
+},
+{
+ "No data should be returned",0,0
+},
+{
+ "Check that we should not be able to access the old data",0,0
+},
+{
+ "Remove the valid storage entity ", VAL_PS_REMOVE, PSA_PS_SUCCESS
+},
+};
+#endif /* _TEST_S004_PS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s004/test_s004.c b/api-tests/dev_apis/internal_trusted_storage/test_s004/test_s004.c
new file mode 100755
index 0000000..aadf9a5
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s004/test_s004.c
@@ -0,0 +1,86 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_s004.h"
+#ifdef ITS_TEST
+#include "test_its_data.h"
+#elif PS_TEST
+#include "test_ps_data.h"
+#endif
+
+#define TEST_BUFF_SIZE 20
+
+client_test_t test_s004_sst_list[] = {
+ NULL,
+ psa_sst_get_data_check,
+ NULL,
+};
+
+static psa_sst_uid_t uid = UID_BASE_VALUE + 10;
+static uint8_t read_buff[TEST_BUFF_SIZE] = {0};
+static uint8_t write_buff[TEST_BUFF_SIZE] = {0x99, 0x01, 0x30, 0x50, 0x04, 0x23, 0xF6, 0x07, 0x08, \
+ 0x0D, 0x70, 0xA1, 0xFF, 0xFF, 0x14, 0x73, 0x46, 0x97, 0xE8, 0xDD};
+
+int32_t psa_sst_get_data_check(security_t caller)
+{
+ uint32_t status,j;
+
+ /* Set data for uid */
+ status = SST_FUNCTION(s004_data[1].api, uid + 1, TEST_BUFF_SIZE, write_buff,0);
+ TEST_ASSERT_EQUAL(status, s004_data[1].status, TEST_CHECKPOINT_NUM(1));
+
+ /* Call get function and check the data consistency */
+ status = SST_FUNCTION(s004_data[2].api, uid + 1, 0, TEST_BUFF_SIZE, read_buff);
+ TEST_ASSERT_EQUAL(status, s004_data[2].status, TEST_CHECKPOINT_NUM(2));
+ TEST_ASSERT_MEMCMP(read_buff, write_buff, TEST_BUFF_SIZE, TEST_CHECKPOINT_NUM(3));
+
+ /* Call the SET again for same uid and set the length as half */
+ status = SST_FUNCTION(s004_data[4].api, uid, TEST_BUFF_SIZE/2, write_buff, 0);
+ TEST_ASSERT_EQUAL(status, s004_data[4].status, TEST_CHECKPOINT_NUM(4));
+
+ /* Call get function with incorrect buffer length */
+ val->print(PRINT_TEST, "[Check 1] Buffer returned by get api with incorrect length"
+ " should be empty\n", 0);
+ memset(read_buff, 0, TEST_BUFF_SIZE);
+ status = SST_FUNCTION(s004_data[5].api, uid, 0, TEST_BUFF_SIZE, read_buff);
+ TEST_ASSERT_EQUAL(status, s004_data[5].status, TEST_CHECKPOINT_NUM(5));
+ for (j = 0; j < TEST_BUFF_SIZE; j++)
+ {
+ TEST_ASSERT_EQUAL(read_buff[j], 0, TEST_CHECKPOINT_NUM(6));
+ }
+
+ /* Call get function with CORRECT buffer length */
+ status = SST_FUNCTION(s004_data[7].api, uid, 0, TEST_BUFF_SIZE/2, read_buff);
+ TEST_ASSERT_EQUAL(status, s004_data[7].status, TEST_CHECKPOINT_NUM(7));
+ TEST_ASSERT_MEMCMP(read_buff, write_buff, TEST_BUFF_SIZE/2, TEST_CHECKPOINT_NUM(8));
+
+ /* Check we should not be able to access old set data */
+ val->print(PRINT_TEST, "[Check 2] When get api is called for uid whose length in reduced,"
+ " check old data is inaccessible\n", 0);
+ for (j = TEST_BUFF_SIZE/2; j < TEST_BUFF_SIZE; j++)
+ {
+ TEST_ASSERT_EQUAL(read_buff[j], 0, TEST_CHECKPOINT_NUM(9));
+ }
+
+ /* Remove the uid to be used in other test case */
+ status = SST_FUNCTION(s004_data[10].api, uid);
+ TEST_ASSERT_EQUAL(status, s004_data[10].status, TEST_CHECKPOINT_NUM(10));
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s004/test_s004.h b/api-tests/dev_apis/internal_trusted_storage/test_s004/test_s004.h
new file mode 100755
index 0000000..f556f85
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s004/test_s004.h
@@ -0,0 +1,35 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_S004_CLIENT_TESTS_H_
+#define _TEST_S004_CLIENT_TESTS_H_
+
+#ifdef ITS_TEST
+#define VAL_STORAGE_BASE VAL_INTERNAL_TRUSTED_STORAGE_BASE
+#define test_entry CONCAT(test_entry_, s004)
+#elif PS_TEST
+#define VAL_STORAGE_BASE VAL_PROTECTED_STORAGE_BASE
+#define test_entry CONCAT(test_entry_, p004)
+#endif
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_s004_sst_list[];
+
+int32_t psa_sst_get_data_check(security_t caller);
+#endif /* _TEST_S004_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s005/source.mk b/api-tests/dev_apis/internal_trusted_storage/test_s005/source.mk
new file mode 100755
index 0000000..c7d00f7
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s005/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_s005.c
+CC_OPTIONS = -DITS_TEST
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s005/test_entry.c b/api-tests/dev_apis/internal_trusted_storage/test_s005/test_entry.c
new file mode 100755
index 0000000..36dcbaa
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s005/test_entry.c
@@ -0,0 +1,52 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_s005.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_STORAGE_BASE, 5)
+#define TEST_DESC "Success scenarios check\n"
+
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_secure_storage_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_s005_sst_list, FALSE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s005/test_its_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s005/test_its_data.h
new file mode 100755
index 0000000..5c7693f
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s005/test_its_data.h
@@ -0,0 +1,59 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_S005_ITS_DATA_TESTS_H_
+#define _TEST_S005_ITS_DATA_TESTS_H_
+
+#include "val_internal_trusted_storage.h"
+
+#define SST_FUNCTION val->its_function
+#define psa_sst_uid_t psa_its_uid_t
+#define psa_sst_create_flags_t psa_its_create_flags_t
+
+typedef struct {
+ char test_desc[100];
+ enum its_function_code api;
+ psa_its_status_t status;
+} test_data;
+
+static struct psa_its_info_t info;
+static test_data s005_data[] = {
+{
+ "This is dummy for index0", 0, 0
+},
+{
+ "Create a valid storage entity ", VAL_ITS_SET, PSA_ITS_SUCCESS
+},
+{
+ "validate the data using get api", VAL_ITS_GET, PSA_ITS_SUCCESS
+},
+{
+ "Index not used",0,0
+},
+{
+ "validate the data attributes get_info api", VAL_ITS_GET_INFO, PSA_ITS_SUCCESS
+},
+{
+ "Index not used",0,0
+},
+{
+ "Index not used",0,0
+},
+{
+ "Remove the valid storage entity ", VAL_ITS_REMOVE, PSA_ITS_SUCCESS
+},
+};
+#endif /* _TEST_S004_ITS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s005/test_ps_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s005/test_ps_data.h
new file mode 100755
index 0000000..a928ed1
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s005/test_ps_data.h
@@ -0,0 +1,59 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_S005_PS_DATA_TESTS_H_
+#define _TEST_S005_PS_DATA_TESTS_H_
+
+#include "val_protected_storage.h"
+
+#define SST_FUNCTION val->ps_function
+#define psa_sst_uid_t psa_ps_uid_t
+#define psa_sst_create_flags_t psa_ps_create_flags_t
+
+typedef struct {
+ char test_desc[100];
+ enum ps_function_code api;
+ psa_ps_status_t status;
+} test_data;
+
+static struct psa_ps_info_t info;
+static test_data s005_data[] = {
+{
+ "This is dummy for index0", 0, 0
+},
+{
+ "Create a valid storage entity ", VAL_PS_SET, PSA_PS_SUCCESS
+},
+{
+ "validate the data using get api", VAL_PS_GET, PSA_PS_SUCCESS
+},
+{
+ "Index not used",0,0
+},
+{
+ "validate the data attributes get_info api", VAL_PS_GET_INFO, PSA_PS_SUCCESS
+},
+{
+ "Index not used",0,0
+},
+{
+ "Index not used",0,0
+},
+{
+ "Remove the valid storage entity ", VAL_PS_REMOVE, PSA_PS_SUCCESS
+},
+};
+#endif /* _TEST_S004_PS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s005/test_s005.c b/api-tests/dev_apis/internal_trusted_storage/test_s005/test_s005.c
new file mode 100755
index 0000000..6e8b0b4
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s005/test_s005.c
@@ -0,0 +1,91 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_s005.h"
+#ifdef ITS_TEST
+#include "test_its_data.h"
+#elif PS_TEST
+#include "test_ps_data.h"
+#endif
+
+#define TEST_BUFF_SIZE 30
+
+client_test_t test_s005_sst_list[] = {
+ NULL,
+ psa_sst_apis_check_success_case,
+ NULL,
+};
+
+static uint8_t read_buff[TEST_BUFF_SIZE];
+static uint8_t write_buff[TEST_BUFF_SIZE] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x23, 0xF6, 0x07, 0x08, 0x0D, 0x0A, 0x1B, 0x0C, 0x5D, 0x0E,\
+ 0x70, 0xA1, 0xFF, 0xFF, 0x14, 0x73, 0x46, 0x97, 0xE8, 0xDD, 0xCA, 0x0B, 0x3C, 0x0D, 0x2E};
+
+static int32_t psa_sst_apis_check(psa_sst_uid_t uid, uint32_t data_len,
+ uint8_t *data_buff, psa_sst_create_flags_t create_flag)
+{
+ uint32_t status;
+
+ /* Set the uid with the data_len and data_buff */
+ status = SST_FUNCTION(s005_data[1].api, uid, data_len, data_buff, create_flag);
+ TEST_ASSERT_EQUAL(status, s005_data[1].status, TEST_CHECKPOINT_NUM(1));
+
+ /* Call the GET function to get the data buffer and match the buffer */
+ status = SST_FUNCTION(s005_data[2].api, uid, 0, data_len, read_buff);
+ TEST_ASSERT_EQUAL(status, s005_data[2].status, TEST_CHECKPOINT_NUM(2));
+ TEST_ASSERT_MEMCMP(read_buff, data_buff, data_len, TEST_CHECKPOINT_NUM(3));
+
+ /* Call the GET_INFO function and match the attributes */
+ status = SST_FUNCTION(s005_data[4].api, uid, &info);
+ TEST_ASSERT_EQUAL(status, s005_data[4].status, TEST_CHECKPOINT_NUM(4));
+ TEST_ASSERT_EQUAL(info.size, data_len, TEST_CHECKPOINT_NUM(5));
+ TEST_ASSERT_EQUAL(info.flags, create_flag, TEST_CHECKPOINT_NUM(6));
+
+ /* Remove the uid */
+ status = SST_FUNCTION(s005_data[7].api, uid);
+ TEST_ASSERT_EQUAL(status, s005_data[7].status, TEST_CHECKPOINT_NUM(7));
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_sst_apis_check_success_case(security_t caller)
+{
+ psa_sst_uid_t uid = UID_BASE_VALUE + 10;
+ uint32_t data_len = 0, status = VAL_STATUS_SUCCESS;
+ psa_sst_create_flags_t flag=0;
+
+ /* Calling SET function with BASE uid_value , data_len zero and valid data pointer */
+ val->print(PRINT_TEST, "[Check 1] Set UID with data length zero and call storage apis\n", 0);
+ if (psa_sst_apis_check(UID_BASE_VALUE, data_len, write_buff, flag))
+ {
+ val->print(PRINT_ERROR, "Data Len = %d\n", data_len);
+ val->print(PRINT_ERROR, "Create Flag value = %d\n", flag);
+ return VAL_STATUS_ERROR;
+ }
+
+ val->print(PRINT_TEST, "[Check 2] Change data length to non-zero and make apis call\n", 0);
+ if (psa_sst_apis_check(uid, TEST_BUFF_SIZE/2, write_buff, flag))
+ {
+ val->print(PRINT_ERROR, "Data Len = %d\n", data_len);
+ val->print(PRINT_ERROR, "Create Flag value = %d\n", flag);
+ return VAL_STATUS_ERROR;
+ }
+
+ return status;
+}
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s005/test_s005.h b/api-tests/dev_apis/internal_trusted_storage/test_s005/test_s005.h
new file mode 100755
index 0000000..84cbf43
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s005/test_s005.h
@@ -0,0 +1,36 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_S005_CLIENT_TESTS_H_
+#define _TEST_S005_CLIENT_TESTS_H_
+
+#ifdef ITS_TEST
+#define VAL_STORAGE_BASE VAL_INTERNAL_TRUSTED_STORAGE_BASE
+#define test_entry CONCAT(test_entry_, s005)
+#elif PS_TEST
+#define VAL_STORAGE_BASE VAL_PROTECTED_STORAGE_BASE
+#define test_entry CONCAT(test_entry_, p005)
+#endif
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_s005_sst_list[];
+
+int32_t psa_sst_apis_check_success_case(security_t caller);
+
+#endif /* _TEST_S005_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s006/source.mk b/api-tests/dev_apis/internal_trusted_storage/test_s006/source.mk
new file mode 100755
index 0000000..cdcebd2
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s006/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_s006.c
+CC_OPTIONS = -DITS_TEST
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s006/test_entry.c b/api-tests/dev_apis/internal_trusted_storage/test_s006/test_entry.c
new file mode 100755
index 0000000..2cca80f
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s006/test_entry.c
@@ -0,0 +1,52 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_s006.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_STORAGE_BASE, 6)
+#define TEST_DESC "Flag not supported error check\n"
+
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_secure_storage_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_s006_sst_list, FALSE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s006/test_its_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s006/test_its_data.h
new file mode 100755
index 0000000..e6ddd35
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s006/test_its_data.h
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_S006_ITS_DATA_TESTS_H_
+#define _TEST_S006_ITS_DATA_TESTS_H_
+
+#include "val_internal_trusted_storage.h"
+
+#define SST_FUNCTION val->its_function
+#define PSA_SST_FLAG_WRITE_ONCE PSA_ITS_FLAG_WRITE_ONCE
+#define psa_sst_uid_t psa_its_uid_t
+#define psa_sst_create_flags_t psa_its_create_flags_t
+
+typedef struct {
+ char test_desc[100];
+ enum its_function_code api;
+ psa_its_status_t status;
+} test_data;
+
+static struct psa_its_info_t info;
+static test_data s006_data[] = {
+{
+ "This is dummy for index0", 0, 0
+},
+{
+ "Create a valid storage entity with different flag values ", VAL_ITS_SET, PSA_ITS_SUCCESS
+},
+{
+ "validate the flag value get_info api", VAL_ITS_GET_INFO, PSA_ITS_SUCCESS
+},
+{
+ "Index not used",0,0
+},
+{
+ "Remove the storage entity ", VAL_ITS_REMOVE, PSA_ITS_SUCCESS
+},
+};
+#endif /* _TEST_S006_ITS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s006/test_ps_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s006/test_ps_data.h
new file mode 100755
index 0000000..400723b
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s006/test_ps_data.h
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_S006_PS_DATA_TESTS_H_
+#define _TEST_S006_PS_DATA_TESTS_H_
+
+#include "val_protected_storage.h"
+
+#define SST_FUNCTION val->ps_function
+#define PSA_SST_FLAG_WRITE_ONCE PSA_PS_FLAG_WRITE_ONCE
+#define psa_sst_uid_t psa_ps_uid_t
+#define psa_sst_create_flags_t psa_ps_create_flags_t
+
+typedef struct {
+ char test_desc[100];
+ enum ps_function_code api;
+ psa_ps_status_t status;
+} test_data;
+
+static struct psa_ps_info_t info;
+static test_data s006_data[] = {
+{
+ "This is dummy for index0", 0, 0
+},
+{
+ "Create a valid storage entity with different flag values ", VAL_PS_SET, PSA_PS_SUCCESS
+},
+{
+ "validate the flag value get_info api", VAL_PS_GET_INFO, PSA_PS_SUCCESS
+},
+{
+ "Index not used",0,0
+},
+{
+ "Remove the storage entity ", VAL_PS_REMOVE, PSA_PS_SUCCESS
+},
+};
+#endif /* _TEST_S006_PS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s006/test_s006.c b/api-tests/dev_apis/internal_trusted_storage/test_s006/test_s006.c
new file mode 100755
index 0000000..6109c49
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s006/test_s006.c
@@ -0,0 +1,90 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_s006.h"
+#ifdef ITS_TEST
+#include "test_its_data.h"
+#elif PS_TEST
+#include "test_ps_data.h"
+#endif
+
+#define TEST_BUFF_SIZE 30
+
+client_test_t test_s006_sst_list[] = {
+ NULL,
+ psa_sst_get_apis_check_for_different_flags_value,
+ NULL,
+};
+
+static uint8_t write_buff[TEST_BUFF_SIZE] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x23, 0xF6, 0x07, 0x08, 0x0D, 0x0A, 0x1B, 0x0C, 0x5D, 0x0E,\
+ 0x70, 0xA1, 0xFF, 0xFF, 0x14, 0x73, 0x46, 0x97, 0xE8, 0xDD, 0xCA, 0x0B, 0x3C, 0x0D, 0x2E};
+
+static int32_t psa_sst_set_api_with_flag_value(psa_sst_uid_t uid, uint32_t data_len,
+ uint8_t *data_buff, psa_sst_create_flags_t create_flag)
+{
+ uint32_t status;
+
+ /* Set the uid with the data_len and data_buff */
+ status = SST_FUNCTION(s006_data[1].api, uid, data_len, data_buff, create_flag);
+ TEST_ASSERT_EQUAL(status, s006_data[1].status, TEST_CHECKPOINT_NUM(1));
+
+ /* Call the GET_INFO function and match the attributes */
+ status = SST_FUNCTION(s006_data[2].api, uid, &info);
+ TEST_ASSERT_EQUAL(status, s006_data[2].status, TEST_CHECKPOINT_NUM(2));
+ TEST_ASSERT_EQUAL(info.flags, create_flag, TEST_CHECKPOINT_NUM(3));
+
+ /* Remove the uid */
+ status = SST_FUNCTION(s006_data[4].api, uid);
+ TEST_ASSERT_EQUAL(status, s006_data[4].status, TEST_CHECKPOINT_NUM(4));
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_sst_get_apis_check_for_different_flags_value(security_t caller)
+{
+ psa_sst_create_flags_t flag = 0x80000000;
+ uint32_t status = VAL_STATUS_SUCCESS;
+
+ /* Calling SET function with different create flag value */
+
+ val->print(PRINT_TEST, "[Check 1] SET api call with valid flag values\n", 0);
+ while (flag)
+ {
+ if (psa_sst_set_api_with_flag_value(UID_BASE_VALUE, TEST_BUFF_SIZE, write_buff,
+ (flag & (~PSA_SST_FLAG_WRITE_ONCE))))
+ {
+ val->print(PRINT_ERROR, "Flag value = %d\n", (flag & (~PSA_SST_FLAG_WRITE_ONCE)));
+ return VAL_STATUS_ERROR;
+ }
+
+ if (psa_sst_set_api_with_flag_value(UID_BASE_VALUE, TEST_BUFF_SIZE, write_buff,
+ ((flag-1) & (~PSA_SST_FLAG_WRITE_ONCE))))
+ {
+ val->print(PRINT_ERROR, "Flag value = %d\n",
+ (flag-1) & (~PSA_SST_FLAG_WRITE_ONCE));
+
+ return VAL_STATUS_ERROR;
+ }
+
+ flag = flag >> 1;
+ };
+
+ return status;
+}
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s006/test_s006.h b/api-tests/dev_apis/internal_trusted_storage/test_s006/test_s006.h
new file mode 100755
index 0000000..3779969
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s006/test_s006.h
@@ -0,0 +1,36 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_S006_CLIENT_TESTS_H_
+#define _TEST_S006_CLIENT_TESTS_H_
+
+#ifdef ITS_TEST
+#define VAL_STORAGE_BASE VAL_INTERNAL_TRUSTED_STORAGE_BASE
+#define test_entry CONCAT(test_entry_, s006)
+#elif PS_TEST
+#define VAL_STORAGE_BASE VAL_PROTECTED_STORAGE_BASE
+#define test_entry CONCAT(test_entry_, p006)
+#endif
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_s006_sst_list[];
+
+int32_t psa_sst_get_apis_check_for_different_flags_value(security_t caller);
+
+#endif /* _TEST_S006_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s007/source.mk b/api-tests/dev_apis/internal_trusted_storage/test_s007/source.mk
new file mode 100755
index 0000000..f57b391
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s007/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_s007.c
+CC_OPTIONS = -DITS_TEST
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s007/test_entry.c b/api-tests/dev_apis/internal_trusted_storage/test_s007/test_entry.c
new file mode 100755
index 0000000..9dbc1df
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s007/test_entry.c
@@ -0,0 +1,52 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_s007.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_STORAGE_BASE, 7)
+#define TEST_DESC "Flag set after create error check\n"
+
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_secure_storage_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_s007_sst_list, FALSE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s007/test_its_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s007/test_its_data.h
new file mode 100755
index 0000000..90c4931
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s007/test_its_data.h
@@ -0,0 +1,61 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_S007_ITS_DATA_TESTS_H_
+#define _TEST_S007_ITS_DATA_TESTS_H_
+
+#include "val_internal_trusted_storage.h"
+
+#define SST_FUNCTION val->its_function
+#define psa_sst_uid_t psa_its_uid_t
+
+typedef struct {
+ char test_desc[100];
+ enum its_function_code api;
+ psa_its_status_t status;
+} test_data;
+
+static psa_its_create_flags_t flag;
+static test_data s007_data[] = {
+{
+ "This is dummy for index0", 0, 0
+},
+{
+ "Create a valid storage entity with non-zero flag value", VAL_ITS_SET, PSA_ITS_SUCCESS
+},
+{
+ "try to change the flag value with another non-zero value", VAL_ITS_SET, PSA_ITS_ERROR_FLAGS_SET_AFTER_CREATE
+},
+{
+ "try to change the flag value with zero value", VAL_ITS_SET, PSA_ITS_ERROR_FLAGS_SET_AFTER_CREATE
+},
+{
+ "Remove the storage entity ", VAL_ITS_REMOVE, PSA_ITS_SUCCESS
+},
+{
+ "Create a valid storage entity with zero flag value", VAL_ITS_SET, PSA_ITS_SUCCESS
+},
+{
+ "try to change the flag value with non-zero value", VAL_ITS_SET, PSA_ITS_SUCCESS
+},
+{
+ "try to change the flag again to zero value", VAL_ITS_SET, PSA_ITS_ERROR_FLAGS_SET_AFTER_CREATE
+},
+{
+ "Remove the storage entity ", VAL_ITS_REMOVE, PSA_ITS_SUCCESS
+},
+};
+#endif /* _TEST_S007_ITS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s007/test_ps_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s007/test_ps_data.h
new file mode 100755
index 0000000..6757c9a
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s007/test_ps_data.h
@@ -0,0 +1,61 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_S007_PS_DATA_TESTS_H_
+#define _TEST_S007_PS_DATA_TESTS_H_
+
+#include "val_protected_storage.h"
+
+#define SST_FUNCTION val->ps_function
+#define psa_sst_uid_t psa_ps_uid_t
+
+typedef struct {
+ char test_desc[100];
+ enum ps_function_code api;
+ psa_ps_status_t status;
+} test_data;
+
+static psa_ps_create_flags_t flag;
+static test_data s007_data[] = {
+{
+ "This is dummy for index0", 0, 0
+},
+{
+ "Create a valid storage entity with non-zero flag value", VAL_PS_SET, PSA_PS_SUCCESS
+},
+{
+ "try to change the flag value with another non-zero value", VAL_PS_SET, PSA_PS_ERROR_FLAGS_SET_AFTER_CREATE
+},
+{
+ "try to change the flag value with zero value", VAL_PS_SET, PSA_PS_ERROR_FLAGS_SET_AFTER_CREATE
+},
+{
+ "Remove the storage entity ", VAL_PS_REMOVE, PSA_PS_SUCCESS
+},
+{
+ "Create a valid storage entity with zero flag value", VAL_PS_SET, PSA_PS_SUCCESS
+},
+{
+ "try to change the flag value with non-zero value", VAL_PS_SET, PSA_PS_SUCCESS
+},
+{
+ "try to change the flag again to zero value", VAL_PS_SET, PSA_PS_ERROR_FLAGS_SET_AFTER_CREATE
+},
+{
+ "Remove the storage entity ", VAL_PS_REMOVE, PSA_PS_SUCCESS
+},
+};
+#endif /* _TEST_S007_PS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s007/test_s007.c b/api-tests/dev_apis/internal_trusted_storage/test_s007/test_s007.c
new file mode 100755
index 0000000..a520837
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s007/test_s007.c
@@ -0,0 +1,78 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_s007.h"
+#ifdef ITS_TEST
+#include "test_its_data.h"
+#elif PS_TEST
+#include "test_ps_data.h"
+#endif
+
+#define TEST_BUFF_SIZE 30
+
+client_test_t test_s007_sst_list[] = {
+ NULL,
+ psa_sst_api_flag_set_after_create,
+ NULL,
+};
+
+static uint8_t write_buff[TEST_BUFF_SIZE] = {
+ 0x00, 0x01, 0x02, 0x03, 0x04, 0x23, 0xF6, 0x07, 0x08, 0x0D, 0x0A, 0x1B, 0x0C, 0x5D, 0x0E,\
+ 0x70, 0xA1, 0xFF, 0xFF, 0x14, 0x73, 0x46, 0x97, 0xE8, 0xDD, 0xCA, 0x0B, 0x3C, 0x0D, 0x2E};
+
+int32_t psa_sst_api_flag_set_after_create(security_t caller)
+{
+ psa_sst_uid_t uid = UID_BASE_VALUE + 10;
+ uint32_t status = VAL_STATUS_SUCCESS;
+
+ flag = 0x0000100;
+ /* Set the uid with the data_len and data_buff */
+ status = SST_FUNCTION(s007_data[1].api, uid, TEST_BUFF_SIZE/2, write_buff, flag);
+ TEST_ASSERT_EQUAL(status, s007_data[1].status, TEST_CHECKPOINT_NUM(1));
+
+ /* Call set for same uid and different non-zero flag value */
+ status = SST_FUNCTION(s007_data[2].api, uid, TEST_BUFF_SIZE, write_buff, flag<<1);
+ TEST_ASSERT_EQUAL(status, s007_data[2].status, TEST_CHECKPOINT_NUM(2));
+
+ /* Call set for same uid and different nzero flag value */
+ status = SST_FUNCTION(s007_data[3].api, uid, TEST_BUFF_SIZE, write_buff, 0);
+ TEST_ASSERT_EQUAL(status, s007_data[3].status, TEST_CHECKPOINT_NUM(3));
+
+ /* Remove the uid */
+ status = SST_FUNCTION(s007_data[4].api, uid);
+ TEST_ASSERT_EQUAL(status, s007_data[4].status, TEST_CHECKPOINT_NUM(4));
+
+ /* Set the uid with the data_len and data_buff */
+ status = SST_FUNCTION(s007_data[5].api, uid, TEST_BUFF_SIZE, write_buff, 0);
+ TEST_ASSERT_EQUAL(status, s007_data[5].status, TEST_CHECKPOINT_NUM(5));
+
+ /* Call set for same uid and different non-zero flag value */
+ status = SST_FUNCTION(s007_data[6].api, uid, TEST_BUFF_SIZE, write_buff, flag);
+ TEST_ASSERT_EQUAL(status, s007_data[6].status, TEST_CHECKPOINT_NUM(6));
+
+ /* Call set for same uid and different zero flag value */
+ status = SST_FUNCTION(s007_data[7].api, uid, TEST_BUFF_SIZE, write_buff, flag);
+ TEST_ASSERT_EQUAL(status, s007_data[7].status, TEST_CHECKPOINT_NUM(7));
+
+ /* Remove the uid */
+ status = SST_FUNCTION(s007_data[8].api, uid);
+ TEST_ASSERT_EQUAL(status, s007_data[8].status, TEST_CHECKPOINT_NUM(8));
+
+ return status;
+}
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s007/test_s007.h b/api-tests/dev_apis/internal_trusted_storage/test_s007/test_s007.h
new file mode 100755
index 0000000..37775b0
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s007/test_s007.h
@@ -0,0 +1,36 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_S007_CLIENT_TESTS_H_
+#define _TEST_S007_CLIENT_TESTS_H_
+
+#ifdef ITS_TEST
+#define VAL_STORAGE_BASE VAL_INTERNAL_TRUSTED_STORAGE_BASE
+#define test_entry CONCAT(test_entry_, s007)
+#elif PS_TEST
+#define VAL_STORAGE_BASE VAL_PROTECTED_STORAGE_BASE
+#define test_entry CONCAT(test_entry_, p007)
+#endif
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_s007_sst_list[];
+
+int32_t psa_sst_api_flag_set_after_create(security_t caller);
+
+#endif /* _TEST_S007_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s008/source.mk b/api-tests/dev_apis/internal_trusted_storage/test_s008/source.mk
new file mode 100755
index 0000000..fce0cd0
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s008/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_s008.c
+CC_OPTIONS = -DITS_TEST
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s008/test_entry.c b/api-tests/dev_apis/internal_trusted_storage/test_s008/test_entry.c
new file mode 100755
index 0000000..d0c19e5
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s008/test_entry.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_s008.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_STORAGE_BASE, 8)
+#define TEST_DESC "Valid offset success scenarios check\n"
+
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_secure_storage_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_s008_its_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s008/test_its_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s008/test_its_data.h
new file mode 100755
index 0000000..c043fb2
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s008/test_its_data.h
@@ -0,0 +1,72 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_S008_ITS_DATA_TESTS_H_
+#define _TEST_S008_ITS_DATA_TESTS_H_
+
+#include "val_internal_trusted_storage.h"
+
+#define SST_FUNCTION val->its_function
+#define psa_sst_uid_t psa_its_uid_t
+
+typedef struct {
+ char test_desc[100];
+ enum its_function_code api;
+ psa_its_status_t status;
+} test_data;
+
+static test_data s008_data[] = {
+{
+ "This is dummy for index0", 0, 0
+},
+{
+ "Create a valid storage entity with zero flag value", VAL_ITS_SET, PSA_ITS_SUCCESS
+},
+{
+ "Call get api with valid offset values, and offset + data_len = total_size", VAL_ITS_GET, PSA_ITS_SUCCESS
+},
+{
+ "This is dummy for index3", 0, 0
+},
+{
+ "Call get api with valid offset values, and offset + data_len < total_size", VAL_ITS_GET, PSA_ITS_SUCCESS
+},
+{
+ "This is dummy for index5", 0, 0
+},
+{
+ "Call get api with invalid offset , offset = total data_size + 1", VAL_ITS_GET, PSA_ITS_ERROR_OFFSET_INVALID
+},
+{
+ "This is dummy for index7", 0, 0
+},
+{
+ "Call get api with valid offset , but offset + data_len > total data_size", VAL_ITS_GET, PSA_ITS_ERROR_INCORRECT_SIZE
+},
+{
+ "This is dummy for index9", 0, 0
+},
+{
+ "Call get api with invalid data len and offset zero", VAL_ITS_GET, PSA_ITS_ERROR_INCORRECT_SIZE
+},
+{
+ "This is dummy for index11", 0, 0
+},
+{
+ "Remove the storage entity ", VAL_ITS_REMOVE, PSA_ITS_SUCCESS
+},
+};
+#endif /* _TEST_S008_ITS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s008/test_ps_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s008/test_ps_data.h
new file mode 100755
index 0000000..50d475e
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s008/test_ps_data.h
@@ -0,0 +1,72 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_S008_PS_DATA_TESTS_H_
+#define _TEST_S008_PS_DATA_TESTS_H_
+
+#include "val_protected_storage.h"
+
+#define SST_FUNCTION val->ps_function
+#define psa_sst_uid_t psa_ps_uid_t
+
+typedef struct {
+ char test_desc[100];
+ enum ps_function_code api;
+ psa_ps_status_t status;
+} test_data;
+
+static test_data s008_data[] = {
+{
+ "This is dummy for index0", 0, 0
+},
+{
+ "Create a valid storage entity with zero flag value", VAL_PS_SET, PSA_PS_SUCCESS
+},
+{
+ "Call get api with valid offset values, and offset + data_len = total_size", VAL_PS_GET, PSA_PS_SUCCESS
+},
+{
+ "This is dummy for index3", 0, 0
+},
+{
+ "Call get api with valid offset values, and offset + data_len < total_size", VAL_PS_GET, PSA_PS_SUCCESS
+},
+{
+ "This is dummy for index5", 0, 0
+},
+{
+ "Call get api with invalid offset , offset = total data_size + 1", VAL_PS_GET, PSA_PS_ERROR_OFFSET_INVALID
+},
+{
+ "This is dummy for index7", 0, 0
+},
+{
+ "Call get api with valid offset , but offset + data_len > total data_size", VAL_PS_GET, PSA_PS_ERROR_INCORRECT_SIZE
+},
+{
+ "This is dummy for index9", 0, 0
+},
+{
+ "Call get api with invalid data len and offset zero", VAL_PS_GET, PSA_PS_ERROR_INCORRECT_SIZE
+},
+{
+ "This is dummy for index11", 0, 0
+},
+{
+ "Remove the storage entity ", VAL_PS_REMOVE, PSA_PS_SUCCESS
+},
+};
+#endif /* _TEST_S008_PS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s008/test_s008.c b/api-tests/dev_apis/internal_trusted_storage/test_s008/test_s008.c
new file mode 100755
index 0000000..8a16fb0
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s008/test_s008.c
@@ -0,0 +1,111 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_s008.h"
+#ifdef ITS_TEST
+#include "test_its_data.h"
+#elif PS_TEST
+#include "test_ps_data.h"
+#endif
+
+#define TEST_BUFF_SIZE 20
+
+client_test_t test_s008_its_list[] = {
+ NULL,
+ psa_its_nonzero_offset_check_success,
+ psa_its_nonzero_offset_check_failure,
+ NULL,
+};
+
+static psa_sst_uid_t uid = UID_BASE_VALUE + 10;
+static uint8_t read_buff[TEST_BUFF_SIZE];
+static uint8_t write_buff[TEST_BUFF_SIZE] = {0x99, 0x01, 0x02, 0x03, 0x04, 0x23, 0xF6, 0x07, 0x08, \
+ 0x0D, 0x70, 0xA1, 0xFF, 0xFF, 0x14, 0x73, 0x46, 0x97, 0xE8, 0xDD};
+
+int32_t psa_its_nonzero_offset_check_failure(security_t caller)
+{
+ uint32_t status, j;
+
+ /* Case where offset = data_size +1 , data_len 0. Also check nothing is returned in read buff*/
+ val->print(PRINT_TEST, "[Check 2] Try to access data with varying invalid offset\n", 0);
+ memset(read_buff, 0, TEST_BUFF_SIZE);
+ status = SST_FUNCTION(s008_data[6].api, uid, TEST_BUFF_SIZE+1, 0, read_buff);
+ TEST_ASSERT_EQUAL(status, s008_data[6].status, TEST_CHECKPOINT_NUM(6));
+ for (j = 0; j < TEST_BUFF_SIZE; j++)
+ {
+ TEST_ASSERT_EQUAL(read_buff[j], 0x00, TEST_CHECKPOINT_NUM(7));
+ }
+
+ /* Case where offset = data_size , data_len= 1 Also check nothing is returned in read buff*/
+ status = SST_FUNCTION(s008_data[8].api, uid, TEST_BUFF_SIZE, 1, read_buff);
+ TEST_ASSERT_EQUAL(status, s008_data[8].status, TEST_CHECKPOINT_NUM(8));
+ for (j = 0; j < TEST_BUFF_SIZE; j++)
+ {
+ TEST_ASSERT_EQUAL(read_buff[j], 0x00, TEST_CHECKPOINT_NUM(9));
+ }
+
+ /* Case where offset = 0 , data_len > data_size Also check nothing is returned in read buff*/
+ status = SST_FUNCTION(s008_data[10].api, uid, 0, TEST_BUFF_SIZE+1, read_buff);
+ TEST_ASSERT_EQUAL(status, s008_data[10].status, TEST_CHECKPOINT_NUM(10));
+ for (j = 0; j < TEST_BUFF_SIZE; j++)
+ {
+ TEST_ASSERT_EQUAL(read_buff[j], 0x00, TEST_CHECKPOINT_NUM(11));
+ }
+
+ /* Remove the uid to be used in other test case */
+ status = SST_FUNCTION(s008_data[12].api, uid);
+ TEST_ASSERT_EQUAL(status, s008_data[12].status, TEST_CHECKPOINT_NUM(12));
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_its_nonzero_offset_check_success(security_t caller)
+{
+ uint32_t status, data_len, offset = TEST_BUFF_SIZE;
+
+ /* Set data for uid */
+ status = SST_FUNCTION(s008_data[1].api, uid, TEST_BUFF_SIZE, write_buff, 0);
+ TEST_ASSERT_EQUAL(status, s008_data[1].status, TEST_CHECKPOINT_NUM(1));
+
+ /* Case where offset + datalen = data_size */
+ val->print(PRINT_TEST, "[Check 1] Try to access data with varying valid offset\n", 0);
+ while (offset > 0)
+ {
+ data_len = TEST_BUFF_SIZE - offset;
+ memset(read_buff, 0, TEST_BUFF_SIZE);
+ status = SST_FUNCTION(s008_data[2].api, uid, offset, data_len, read_buff);
+ TEST_ASSERT_EQUAL(status, s008_data[2].status, TEST_CHECKPOINT_NUM(2));
+ TEST_ASSERT_MEMCMP(read_buff, write_buff + offset, data_len, TEST_CHECKPOINT_NUM(3));
+ offset >>= 1;
+ }
+
+ offset = TEST_BUFF_SIZE - 2;
+ data_len = 1;
+ /* Case where offset + datalen < data_size */
+ while (offset > 0)
+ {
+ status = SST_FUNCTION(s008_data[4].api, uid, offset, data_len, read_buff);
+ TEST_ASSERT_EQUAL(status, s008_data[4].status, TEST_CHECKPOINT_NUM(4));
+ TEST_ASSERT_MEMCMP(read_buff, write_buff + offset, data_len, TEST_CHECKPOINT_NUM(5));
+ offset >>= 1;
+ data_len <<= 1;
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s008/test_s008.h b/api-tests/dev_apis/internal_trusted_storage/test_s008/test_s008.h
new file mode 100755
index 0000000..b3af4f4
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s008/test_s008.h
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_S008_CLIENT_TESTS_H_
+#define _TEST_S008_CLIENT_TESTS_H_
+
+#ifdef ITS_TEST
+#define VAL_STORAGE_BASE VAL_INTERNAL_TRUSTED_STORAGE_BASE
+#define test_entry CONCAT(test_entry_, s008)
+#elif PS_TEST
+#define VAL_STORAGE_BASE VAL_PROTECTED_STORAGE_BASE
+#define test_entry CONCAT(test_entry_, p008)
+#endif
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_s008_its_list[];
+
+int32_t psa_its_nonzero_offset_check_success(security_t caller);
+int32_t psa_its_nonzero_offset_check_failure(security_t caller);
+
+#endif /* _TEST_S008_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s009/source.mk b/api-tests/dev_apis/internal_trusted_storage/test_s009/source.mk
new file mode 100755
index 0000000..dff1830
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s009/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_s009.c
+CC_OPTIONS = -DITS_TEST
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s009/test_entry.c b/api-tests/dev_apis/internal_trusted_storage/test_s009/test_entry.c
new file mode 100755
index 0000000..a471d87
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s009/test_entry.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_s009.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_STORAGE_BASE, 9)
+#define TEST_DESC "Bad pointer error check\n"
+
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_secure_storage_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_s009_sst_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s009/test_its_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s009/test_its_data.h
new file mode 100755
index 0000000..0fb4dc0
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s009/test_its_data.h
@@ -0,0 +1,64 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_S009_ITS_DATA_TESTS_H_
+#define _TEST_S009_ITS_DATA_TESTS_H_
+
+#include "val_internal_trusted_storage.h"
+
+#define SST_FUNCTION val->its_function
+#define psa_sst_uid_t psa_its_uid_t
+
+typedef struct {
+ char test_desc[100];
+ enum its_function_code api;
+ psa_its_status_t status;
+} test_data;
+
+static struct psa_its_info_t info;
+static test_data s009_data[] = {
+{
+ "This is dummy for index0", 0, 0
+},
+{
+ "Call set api with 0 write buffer", VAL_ITS_SET, PSA_ITS_ERROR_BAD_POINTER
+},
+{
+ "Call to get_info api should fail", VAL_ITS_GET_INFO, PSA_ITS_ERROR_KEY_NOT_FOUND
+},
+{
+ "Create storage of zero size", VAL_ITS_SET, PSA_ITS_SUCCESS
+},
+{
+ "try to set 0 buffer for previous created storage", VAL_ITS_SET, PSA_ITS_ERROR_BAD_POINTER
+},
+{
+ "Call get_info api to check data size", VAL_ITS_GET_INFO, PSA_ITS_SUCCESS
+},
+{
+ "This is dummy for index6", 0, 0
+},
+{
+ "Call get api with 0 read buffer", VAL_ITS_GET, PSA_ITS_ERROR_BAD_POINTER
+},
+{
+ "Call get_info api with 0 info buffer", VAL_ITS_GET_INFO, PSA_ITS_ERROR_BAD_POINTER
+},
+{
+ "Remove the storage entity ", VAL_ITS_REMOVE, PSA_ITS_SUCCESS
+},
+};
+#endif /* _TEST_S009_ITS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s009/test_ps_data.h b/api-tests/dev_apis/internal_trusted_storage/test_s009/test_ps_data.h
new file mode 100755
index 0000000..53f20e9
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s009/test_ps_data.h
@@ -0,0 +1,64 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or ps affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_S009_PS_DATA_TESTS_H_
+#define _TEST_S009_PS_DATA_TESTS_H_
+
+#include "val_protected_storage.h"
+
+#define SST_FUNCTION val->ps_function
+#define psa_sst_uid_t psa_ps_uid_t
+
+typedef struct {
+ char test_desc[100];
+ enum ps_function_code api;
+ psa_ps_status_t status;
+} test_data;
+
+static struct psa_ps_info_t info;
+static test_data s009_data[] = {
+{
+ "This is dummy for index0", 0, 0
+},
+{
+ "Call set api with 0 write buffer", VAL_PS_SET, PSA_PS_ERROR_BAD_POINTER
+},
+{
+ "Call to get_info api should fail", VAL_PS_GET_INFO, PSA_PS_ERROR_KEY_NOT_FOUND
+},
+{
+ "Create storage of zero size", VAL_PS_SET, PSA_PS_SUCCESS
+},
+{
+ "try to set 0 buffer for previous created storage", VAL_PS_SET, PSA_PS_ERROR_BAD_POINTER
+},
+{
+ "Call get_info api to check data size", VAL_PS_GET_INFO, PSA_PS_SUCCESS
+},
+{
+ "This is dummy for index6", 0, 0
+},
+{
+ "Call get api with 0 read buffer", VAL_PS_GET, PSA_PS_ERROR_BAD_POINTER
+},
+{
+ "Call get_info api with 0 info buffer", VAL_PS_GET_INFO, PSA_PS_ERROR_BAD_POINTER
+},
+{
+ "Remove the storage entity ", VAL_PS_REMOVE, PSA_PS_SUCCESS
+},
+};
+#endif /* _TEST_S009_PS_DATA_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s009/test_s009.c b/api-tests/dev_apis/internal_trusted_storage/test_s009/test_s009.c
new file mode 100755
index 0000000..6cb084c
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s009/test_s009.c
@@ -0,0 +1,82 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_s009.h"
+#ifdef ITS_TEST
+#include "test_its_data.h"
+#elif PS_TEST
+#include "test_ps_data.h"
+#endif
+
+#define TEST_BUFF_SIZE 20
+
+client_test_t test_s009_sst_list[] = {
+ NULL,
+ psa_sst_set_bad_pointer_check,
+ NULL,
+};
+
+static psa_sst_uid_t uid = UID_BASE_VALUE + 10;
+static uint8_t write_buff[TEST_BUFF_SIZE] = {0x99, 0x01, 0x02, 0x03, 0x04, 0x23, 0xF6, 0x07, 0x08, \
+ 0x0D, 0x70, 0xA1, 0xFF, 0xFF, 0x14, 0x73, 0x46, 0x97, 0xE8, 0xDD};
+
+int32_t psa_sst_set_bad_pointer_check(security_t caller)
+{
+ uint32_t status;
+
+ /* Set data for uid with length 0 and NULL pointer */
+ val->print(PRINT_TEST, "[Check 1] Call Set api with NULL write buffer\n", 0);
+ status = SST_FUNCTION(s009_data[1].api, uid, 0, NULL, 0);
+ TEST_ASSERT_EQUAL(status, s009_data[1].status, TEST_CHECKPOINT_NUM(1));
+
+ /* Call the GET_INFO function and match the attributes */
+ status = SST_FUNCTION(s009_data[2].api, uid, &info);
+ TEST_ASSERT_EQUAL(status, s009_data[2].status, TEST_CHECKPOINT_NUM(2));
+
+ /* Set data for uid with length 0 and valid write buffer */
+ val->print(PRINT_TEST, "[Check 2] Create UID with zero data length\n", 0);
+ status = SST_FUNCTION(s009_data[3].api, uid, 0, write_buff, 0);
+ TEST_ASSERT_EQUAL(status, s009_data[3].status, TEST_CHECKPOINT_NUM(3));
+
+ /* Set data for uid with length 0 and NULL pointer */
+ val->print(PRINT_TEST, "[Check 3] Try to set NULL buffer for uid with data length\n", 0);
+ status = SST_FUNCTION(s009_data[4].api, uid, 0, NULL, 0);
+ TEST_ASSERT_EQUAL(status, s009_data[4].status, TEST_CHECKPOINT_NUM(4));
+
+ /* Call the GET_INFO function and match the attributes */
+ status = SST_FUNCTION(s009_data[5].api, uid, &info);
+ TEST_ASSERT_EQUAL(status, s009_data[5].status, TEST_CHECKPOINT_NUM(5));
+ TEST_ASSERT_EQUAL(info.size, 0, TEST_CHECKPOINT_NUM(6));
+
+ /* Call get api with NULL read buffer and valid uid */
+ val->print(PRINT_TEST, "[Check 4] Call get api with NULL read buffer\n", 0);
+ status = SST_FUNCTION(s009_data[7].api, uid, 0, 0, NULL);
+ TEST_ASSERT_EQUAL(status, s009_data[7].status, TEST_CHECKPOINT_NUM(7));
+
+ /* Call the GET_INFO function with NULL info pointer */
+ val->print(PRINT_TEST, "[Check 5] Call get_info api with NULL info pointer\n", 0);
+ status = SST_FUNCTION(s009_data[8].api, uid, NULL);
+ TEST_ASSERT_EQUAL(status, s009_data[8].status, TEST_CHECKPOINT_NUM(8));
+
+ /* Remove the uid */
+ status = SST_FUNCTION(s009_data[9].api, uid);
+ TEST_ASSERT_EQUAL(status, s009_data[9].status, TEST_CHECKPOINT_NUM(9));
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/dev_apis/internal_trusted_storage/test_s009/test_s009.h b/api-tests/dev_apis/internal_trusted_storage/test_s009/test_s009.h
new file mode 100755
index 0000000..d3a00bb
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/test_s009/test_s009.h
@@ -0,0 +1,36 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_S009_CLIENT_TESTS_H_
+#define _TEST_S009_CLIENT_TESTS_H_
+
+#ifdef ITS_TEST
+#define VAL_STORAGE_BASE VAL_INTERNAL_TRUSTED_STORAGE_BASE
+#define test_entry CONCAT(test_entry_, s009)
+#elif PS_TEST
+#define VAL_STORAGE_BASE VAL_PROTECTED_STORAGE_BASE
+#define test_entry CONCAT(test_entry_, p009)
+#endif
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_s009_sst_list[];
+
+int32_t psa_sst_set_bad_pointer_check(security_t caller);
+
+#endif /* _TEST_S009_CLIENT_TESTS_H_ */
diff --git a/api-tests/dev_apis/internal_trusted_storage/testsuite.db b/api-tests/dev_apis/internal_trusted_storage/testsuite.db
new file mode 100644
index 0000000..8363ccc
--- /dev/null
+++ b/api-tests/dev_apis/internal_trusted_storage/testsuite.db
@@ -0,0 +1,33 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+
+#List of tests to be compiled and run as part of internal trusted storage suite
+
+(START)
+
+test_s001
+test_s002
+test_s003
+test_s004
+test_s005
+test_s006
+test_s007
+test_s008
+test_s009
+
+(END)
diff --git a/api-tests/dev_apis/protected_storage/README.md b/api-tests/dev_apis/protected_storage/README.md
new file mode 100644
index 0000000..a03221a
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/README.md
@@ -0,0 +1,12 @@
+
+# Protected Storage Test Suite
+
+## Common tests
+Since Protected Storage(PS) and Internal Trusted Storage(ITS) APIs shares the similar API prototypes and return values, some of the ITS tests are reused for PS also. The reused tests are available with ``test_s[x]`` (where, x= test_num) directory name syntax in protected_storage/. The source code of these tests are located in internal_trusted_storage/ dir with same test name.
+
+## License
+
+Arm PSA test suite is distributed under Apache v2.0 License.
+--------------
+
+*Copyright (c) 2018-2019, Arm Limited and Contributors. All rights reserved.*
diff --git a/api-tests/dev_apis/protected_storage/test_s001/source.mk b/api-tests/dev_apis/protected_storage/test_s001/source.mk
new file mode 100644
index 0000000..bccfcb0
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/test_s001/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_s001.c
+CC_OPTIONS = -DPS_TEST
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/protected_storage/test_s002/source.mk b/api-tests/dev_apis/protected_storage/test_s002/source.mk
new file mode 100644
index 0000000..36258fc
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/test_s002/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_s002.c
+CC_OPTIONS = -DPS_TEST
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/protected_storage/test_s003/source.mk b/api-tests/dev_apis/protected_storage/test_s003/source.mk
new file mode 100644
index 0000000..9296c79
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/test_s003/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_s003.c
+CC_OPTIONS = -DPS_TEST
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/protected_storage/test_s004/source.mk b/api-tests/dev_apis/protected_storage/test_s004/source.mk
new file mode 100644
index 0000000..53c0f57
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/test_s004/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_s004.c
+CC_OPTIONS = -DPS_TEST
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/protected_storage/test_s005/source.mk b/api-tests/dev_apis/protected_storage/test_s005/source.mk
new file mode 100644
index 0000000..bc2938b
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/test_s005/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_s005.c
+CC_OPTIONS = -DPS_TEST
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/protected_storage/test_s006/source.mk b/api-tests/dev_apis/protected_storage/test_s006/source.mk
new file mode 100644
index 0000000..084d424
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/test_s006/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_s006.c
+CC_OPTIONS = -DPS_TEST
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/protected_storage/test_s007/source.mk b/api-tests/dev_apis/protected_storage/test_s007/source.mk
new file mode 100644
index 0000000..7af6777
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/test_s007/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_s007.c
+CC_OPTIONS = -DPS_TEST
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/protected_storage/test_s008/source.mk b/api-tests/dev_apis/protected_storage/test_s008/source.mk
new file mode 100644
index 0000000..e843437
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/test_s008/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_s008.c
+CC_OPTIONS = -DPS_TEST
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/protected_storage/test_s009/source.mk b/api-tests/dev_apis/protected_storage/test_s009/source.mk
new file mode 100644
index 0000000..10eae95
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/test_s009/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_s009.c
+CC_OPTIONS = -DPS_TEST
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/api-tests/dev_apis/protected_storage/testsuite.db b/api-tests/dev_apis/protected_storage/testsuite.db
new file mode 100644
index 0000000..186fb04
--- /dev/null
+++ b/api-tests/dev_apis/protected_storage/testsuite.db
@@ -0,0 +1,33 @@
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+
+#List of tests to be compiled and run as part of protected storage suite
+
+(START)
+
+test_s001
+test_s002
+test_s003
+test_s004
+test_s005
+test_s006
+test_s007
+test_s008
+test_s009
+
+(END)
diff --git a/api-tests/dev_apis/secure_storage/dummy.txt b/api-tests/dev_apis/secure_storage/dummy.txt
deleted file mode 100644
index 6c3aa2a..0000000
--- a/api-tests/dev_apis/secure_storage/dummy.txt
+++ /dev/null
@@ -1 +0,0 @@
-Using dummy file to add empty directory to repo. In future, this file will be deleted and directory will contain tests for secure storage service APIs.
diff --git a/api-tests/docs/Arm_PSA_APIs_Arch_Test_Validation_Methodology.pdf b/api-tests/docs/Arm_PSA_APIs_Arch_Test_Validation_Methodology.pdf
new file mode 100644
index 0000000..1ec5b79
--- /dev/null
+++ b/api-tests/docs/Arm_PSA_APIs_Arch_Test_Validation_Methodology.pdf
Binary files differ
diff --git a/api-tests/docs/Arm_PSA_FF_Arch_Test_Validation_Methodology.pdf b/api-tests/docs/Arm_PSA_FF_Arch_Test_Validation_Methodology.pdf
deleted file mode 100644
index 7c29ac7..0000000
--- a/api-tests/docs/Arm_PSA_FF_Arch_Test_Validation_Methodology.pdf
+++ /dev/null
Binary files differ
diff --git a/api-tests/docs/porting_guide.md b/api-tests/docs/porting_guide.md
deleted file mode 100644
index 2561d73..0000000
--- a/api-tests/docs/porting_guide.md
+++ /dev/null
@@ -1,98 +0,0 @@
-
-# Porting Guide - PSA APIs Architecture Test Suite
------------------------------------------------------
-
-## Introduction
-The PSA APIs Architecture test suite contains a platform abstraction layer (PAL) which abstracts platform specific information from the tests.
- - The PAL layer interface functions need to be implemented/ported to the target platform.
- - The target config file must be created/updated to match the details of the target platform.
-
-This document provides details on the porting steps and the PAL APIs.
-
-## Porting steps
-
-### Target configuration
-
- You must populate your system configuration and provide it as an input to test suite.
-
-This is captured in a single static input configuration file that is named as target.cfg. This file is available at api-tests/platform/targets/<platform_name>/. <br />
-
-An example of the input configuration file is as shown.
-
- // UART device info
- uart.num=1;
- uart.0.base = 0x40004000;
- uart.0.size = 0xFFF;
- uart.0.intr_id = 0xFF;
- uart.0.permission = TYPE_READ_WRITE;
-
- // Watchdog device info
- watchdog.num = 1;
- watchdog.0.base = 0x40008000;
- watchdog.0.size = 0xFFF;
- watchdog.0.intr_id = 0xFF;
- watchdog.0.permission = TYPE_READ_WRITE;
-
- More details on the structure of the input can be obtained from val/common/val_target.h.
-
-**Procedure**
-----------------
-
- - Create a new directory in platform/targets/<platform_name>. For reference, see the existing platform fvp_mps2_cm4_mbedos directory.
- - cp -rf platform/targets/fvp_mps2_cm4_mbedos/ platform/targets/<platform_name>/
- - Update platform/targets/<platform_name>/target.cfg with your platform detail. Refer val/common/val_target.h for structure details.
- - Update mmio_regions information available in platform/targets/<platform_name>/manifests/common/driver_partition_psa.json manifest file with your platform information. mmio_regions detail must match with device detail provided in the target.cfg file.
- - The test suite specified "sid" and partition "id" are provided in manifest files available in platform/manifests/ directory. You can update them if they are clashing with your system defined sid and partition-id values. You may need to update platform/targets/<platform_name>/nspe/pal_sid.h file for any change in test suite provided SID values.
- - Update platform/nspe/Makefile appropriately to select correct instances of PAL files for compilation. This make file is invoked as part of test suite build tool(./setup.sh) step and it creates <build_dir>/BUILD/platform/pal_nspe.a archive and respective object for SPE files at <build_dir>/BUILD/platform/spe/\*\_driver_sp.o. Later, these SPE objects are used by spbuild.mk to create appropriate SPE partition archive file.
- - Refer "PAL API list" section to view list of PAL API that must be ported for your target platform. These APIs definitions are available in nspe/pal_\*\_intf.c and spe/pal_\*_intf.c files. These APIs are written for fvp_mps2_cm4_mbedos platform. You can reuse the code if it works for your platform. Otherwise you must port them for your platform specific peripherals.
-
-**Note**:
- Test suite needs access to the following peripherals. For IPC tests, the services of these peripherals are implemented as RoT services in the driver partition. If you are compiling crypto tests, you must set PSA_IPC_IMPLEMENTED to 0 in the platform/targets/<platform_name>/Makefile. This selects the non-secure PAL instances for the driver services and eliminates IPC dependancy for crypto tests.
- - One UART to print nspe and spe messages
- - One Watchdog timer to help recovery from any fatal error conditions
- - Non-volatile memory support to preserve test status over watchdog timer reset
-
-### Create a new target
-
- Since Test suite is agnostic to various system targets, before building the tests, you must port the files mentioned in the following steps.
-## PAL API list
- These functions will require implementation for the target platform. <br />
-
-- Following are the list of PAL APIs used in NSPE: <br />
-
-| No | Prototype | Description | Parameters |
-|----|-----------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------|----------------------------------------------------------|
-| 01 | int pal_spi_read(addr_t addr, uint8_t *data, uint32_t len); | This function will read peripherals using SPI commands | addr : address of the peripheral<br/>data : read buffer<br/>len : length of the read buffer in bytes<br/> |
-| 02 | uint32_t pal_ipc_framework_version(void); | Retrieve the version of the PSA Framework API that is implemented. | void<br/> |
-| 03 | uint32_t pal_ipc_version(uint32_t sid); | Retrieve the minor version of a Root of Trust Service by its SID. | sid The Root of Trust Service ID<br/> |
-| 04 | psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version); | Connect to given sid. | sid : RoT service id<br/>minor_version : minor_version of RoT service<br/> |
-| 05 | psa_status_t pal_ipc_call(psa_handle_t handle, const psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len);| Call a connected Root of Trust Service. | handle: Handle for the connection.<br/>in_vec: Array of psa_invec structures.<br/>in_len: Number of psa_invec structures in in_vec.<br/>out_vec: Array of psa_outvec structures for optional Root of Trust Service response.<br/>out_len: Number of psa_outvec structures in out_vec.<br/> |
-| 06 | void pal_ipc_close(psa_handle_t handle); | Close a connection to a Root of Trust Service. | handle Handle for the connection.<br/> |
-| 07 | int pal_uart_init_ns(uint32_t uart_base_addr); | This function initializes the UART | uart base addr<br/> |
-| 08 | int pal_print_ns(char *str, uint32_t data); | This function parses the input string and writes bytes into UART TX FIFO| str : Input String<br/>data : Value for format specifier<br/> |
-| 09 | int pal_wd_timer_init_ns(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us); | Initializes an hardware watchdog timer | base_addr : Base address of the watchdog module<br/>time_us : Time in micro seconds<br/>timer_tick_us : Number of ticks per micro second<br/>|
-| 10 | int pal_wd_timer_enable_ns(addr_t base_addr); | Enables a hardware watchdog timer | base_addr : Base address of the watchdog module<br/>|
-| 11 | int pal_wd_timer_disable_ns(addr_t base_addr); | Disables a hardware watchdog timer | base_addr : Base address of the watchdog module<br/> |
-| 12 | int pal_nvmem_read_ns(addr_t base, uint32_t offset, void *buffer, int size); | Reads from given non-volatile address. | base : Base address of nvmem<br/>offset : Offset<br/>buffer : Pointer to source address<br/>size : Number of bytes<br/> |
-| 13 | int pal_nvmem_write_ns(addr_t base, uint32_t offset, void *buffer, int size); | Writes into given non-volatile address. | base : Base address of nvmem<br/>offset : Offset<br/>buffer : Pointer to source address<br/>size : Number of bytes<br/> |
-| 14 | uint32_t pal_crypto_function(int type, va_list valist); | This API will call the requested crypto function | type : function code<br/>valist : variable argument list<br/> |
-
-- Following are the list of PAL APIs used in SPE: <br />
-
-| No | Prototype | Description | Parameters |
-|----|-----------------------------------------------------------------------------------|-----------------------------------------------------------------------------------|----------------------------------------------------------|
-| 01 | void pal_uart_init(addr_t uart_base_addr); | This function initializes the uart | uart_base_addr : Base address of the UART<br/> |
-| 02 | void pal_print(char *str, uint32_t data); | This function parses the input string and writes byte by byte to print | str : Input String<br/>data : Value for Format specifier<br/> |
-| 03 | int pal_wd_timer_init(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us);| Initializes an hardware watchdog timer | base_addr : Base address of the watchdog module<br/>time_us : Time in micro seconds<br/>timer_tick_us : Number of ticks per micro second<br/>|
-| 04 | int pal_wd_timer_enable(addr_t base_addr); | Enables a hardware watchdog timer | base_addr : Base address of the watchdog module<br/> |
-| 05 | int pal_wd_timer_disable(addr_t base_addr); | Disables a hardware watchdog timer | base_addr : Base address of the watchdog module<br/> |
-| 06 | int pal_wd_timer_is_enabled(addr_t base_addr); | Checks whether hardware watchdog timer is enabled | base_addr : Base address of the watchdog module<br/> |
-| 07 | int pal_nvmem_write(addr_t base, uint32_t offset, void *buffer, int size); | Writes 'size' bytes from buffer into non-volatile memory at a given 'base + offset'| base : Base address of NV MEM<br/>offset : Offset<br/>buffer : Pointer to source address<br/>size : Number of bytes<br/> |
-| 08 | int pal_nvmem_read(addr_t base, uint32_t offset, void *buffer, int size); | Reads 'size' bytes from non-volatile memory at a given | base : Base address of NV MEM<br/>offset : Offset<br/>buffer : Pointer to source address<br/>size : Number of bytes<br/> |
-
-## License
-Arm PSA test suite is distributed under Apache v2.0 License.
-
---------------
-
-*Copyright (c) 2018, Arm Limited and Contributors. All rights reserved.*
diff --git a/api-tests/docs/porting_guide_dev_apis.md b/api-tests/docs/porting_guide_dev_apis.md
new file mode 100644
index 0000000..fee1490
--- /dev/null
+++ b/api-tests/docs/porting_guide_dev_apis.md
@@ -0,0 +1,74 @@
+
+# Porting Guide - Developer APIs Architecture Test Suite
+-----------------------------------------------------
+
+## Introduction
+The Architecture test suite contains a platform abstraction layer (PAL) which abstracts platform specific information from the tests.
+ - The PAL layer interface functions need to be implemented/ported to the target platform.
+ - The target config file must be created/updated to match the details of the target platform.
+
+This document provides details on the porting steps and the PAL APIs.
+
+## Porting steps
+
+### Target configuration
+
+You must populate your system configuration and provide it as an input to test suite. This is captured in a single static input configuration file that is named as target.cfg. This file is available at api-tests/platform/targets/<platform_name>/. <br />
+
+An example of the input configuration file is as shown.
+
+ // UART device info
+ uart.num=1;
+ uart.0.base = 0x40004000;
+ uart.0.size = 0xFFF;
+ uart.0.intr_id = 0xFF;
+ uart.0.permission = TYPE_READ_WRITE;
+
+ // Watchdog device info
+ watchdog.num = 1;
+ watchdog.0.base = 0x40008000;
+ watchdog.0.size = 0xFFF;
+ watchdog.0.intr_id = 0xFF;
+ watchdog.0.permission = TYPE_READ_WRITE;
+
+ More details on the structure of the input can be obtained from val/common/val_target.h.
+
+### Adding a new target
+
+ - Create a new directory in platform/targets/<platform_name>. For reference, see the existing platform tgt_dev_apis_mbedos_fvp_mps2_m4 directory.
+ - cp -rf platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/ platform/targets/<platform_name>/
+ - Update platform/targets/<platform_name>/target.cfg with your platform detail. Refer val/common/val_target.h for structure details.
+ - Update platform/targets/<platform_name>/Makefile appropriately to select correct instances of PAL files for compilation. To compile dev_apis suites, you must set PSA_IPC_IMPLEMENTED to 0. This selects the non-secure PAL instances for the driver services and eliminates IPC dependancy for dev_apis tests.
+ - Refer "PAL API list" section to view list of PAL APIs that must be ported for your target platform. These APIs definitions are available in nspe/pal_\*\_intf.c. These APIs are written for tgt_dev_apis_mbedos_fvp_mps2_m4 platform. You can reuse the code if it works for your platform. Otherwise you must port them for your platform specific peripherals.
+ - The platform make file is invoked as part of test suite build tool(./setup.sh) step and it creates <build_dir>/BUILD/platform/pal_nspe.a archive.
+
+**Note**:
+Test suite needs access to the following peripherals:<br \>
+ - One UART to print nspe and spe messages
+ - One Watchdog timer to help recovery from any fatal error conditions
+ - Non-volatile memory support to preserve test status over watchdog timer reset
+
+
+## PAL API list
+Since test suite is agnostic to various system targets, before building the tests, you must port below PAL NSPE APIs. These functions will require implementation for your target platform. <br />
+
+| No | Prototype | Description | Parameters |
+|----|-----------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------|----------------------------------------------------------|
+| 01 | int pal_spi_read(addr_t addr, uint8_t *data, uint32_t len); | This function will read peripherals using SPI commands | addr : address of the peripheral<br/>data : read buffer<br/>len : length of the read buffer in bytes<br/> |
+| 02 | int pal_uart_init_ns(uint32_t uart_base_addr); | This function initializes the UART | uart base addr<br/> |
+| 03 | int pal_print_ns(char *str, uint32_t data); | This function parses the input string and writes bytes into UART TX FIFO| str : Input String<br/>data : Value for format specifier<br/> |
+| 04 | int pal_wd_timer_init_ns(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us); | Initializes an hardware watchdog timer | base_addr : Base address of the watchdog module<br/>time_us : Time in micro seconds<br/>timer_tick_us : Number of ticks per micro second<br/>|
+| 05 | int pal_wd_timer_enable_ns(addr_t base_addr); | Enables a hardware watchdog timer | base_addr : Base address of the watchdog module<br/>|
+| 06 | int pal_wd_timer_disable_ns(addr_t base_addr); | Disables a hardware watchdog timer | base_addr : Base address of the watchdog module<br/> |
+| 07 | int pal_nvmem_read_ns(addr_t base, uint32_t offset, void *buffer, int size); | Reads from given non-volatile address. | base : Base address of nvmem<br/>offset : Offset<br/>buffer : Pointer to source address<br/>size : Number of bytes<br/> |
+| 08 | int pal_nvmem_write_ns(addr_t base, uint32_t offset, void *buffer, int size); | Writes into given non-volatile address. | base : Base address of nvmem<br/>offset : Offset<br/>buffer : Pointer to source address<br/>size : Number of bytes<br/> |
+| 09 | int32_t pal_crypto_function(int type, va_list valist); | This API will call the requested crypto function | type : function code<br/>valist : variable argument list<br/> |
+| 10 | uint32_t pal_its_function(int type, va_list valist); | This API will call the requested internal trusted storage function | type : function code<br/>valist : variable argument list<br/> |
+| 11 | uint32_t pal_ps_function(int type, va_list valist); | This API will call the requested protected storage function | type : function code<br/>valist : variable argument list<br/> |
+
+## License
+Arm PSA test suite is distributed under Apache v2.0 License.
+
+--------------
+
+*Copyright (c) 2019, Arm Limited and Contributors. All rights reserved.*
diff --git a/api-tests/docs/porting_guide_ff.md b/api-tests/docs/porting_guide_ff.md
new file mode 100644
index 0000000..1c29c64
--- /dev/null
+++ b/api-tests/docs/porting_guide_ff.md
@@ -0,0 +1,80 @@
+
+# Porting Guide - PSA-FF Architecture Test Suite
+-----------------------------------------------------
+
+## Introduction
+The Architecture test suite contains a platform abstraction layer (PAL) which abstracts platform specific information from the tests.
+ - The PAL layer interface functions need to be implemented/ported to the target platform.
+ - The target config file must be created/updated to match the details of the target platform.
+
+This document provides details on the porting steps and the PAL APIs.
+
+## Porting steps
+
+### Target configuration
+
+You must populate your system configuration and provide it as an input to test suite. This is captured in a single static input configuration file that is named as target.cfg. This file is available at api-tests/platform/targets/<platform_name>/. <br />
+
+An example of the input configuration file is as shown.
+
+ // UART device info
+ uart.num=1;
+ uart.0.base = 0x40004000;
+ uart.0.size = 0xFFF;
+ uart.0.intr_id = 0xFF;
+ uart.0.permission = TYPE_READ_WRITE;
+
+ // Watchdog device info
+ watchdog.num = 1;
+ watchdog.0.base = 0x40008000;
+ watchdog.0.size = 0xFFF;
+ watchdog.0.intr_id = 0xFF;
+ watchdog.0.permission = TYPE_READ_WRITE;
+
+ More details on the structure of the input can be obtained from val/common/val_target.h.
+
+### Adding a new target
+
+ - Create a new directory in platform/targets/<platform_name>. For reference, see the existing platform tgt_ff_mbedos_fvp_mps2_m4 directory.
+ - cp -rf platform/targets/tgt_ff_mbedos_fvp_mps2_m4/ platform/targets/<platform_name>/
+ - Update platform/targets/<platform_name>/target.cfg with your platform detail. Refer val/common/val_target.h for structure details.
+ - Update the platform information available in manifest files located in platform/targets/<platform_name>/manifests/ directory with your platform information. The platform detail must match with device detail provided in the target.cfg file.
+ - Update platform/nspe/Makefile appropriately to select correct instances of PAL files for compilation. To compile IPC tests, you must set PSA_IPC_IMPLEMENTED to 1 and remaining Developer APIs related variables to 0. This selects the secure PAL instances for the driver services and eliminates dev_apis dependancy for IPC tests.
+ - Refer "PAL API list" section to view list of PAL APIs that must be ported for your target platform. These APIs definitions are available in nspe/pal_\*\_intf.c and spe/pal_\*_intf.c files. These APIs are written for tgt_ff_mbedos_fvp_mps2_m4 platform. You can reuse the code if it works for your platform. Otherwise you must port them for your platform specific peripherals.
+ - The platform make file is invoked as part of test suite build tool(./setup.sh) step and it creates <build_dir>/BUILD/platform/pal_nspe.a archive for NPSE files and respective object for SPE files at <build_dir>/BUILD/platform/spe/\*\_driver_sp.o. Later, these SPE objects are used by spbuild.mk to create appropriate SPE partition archive file.
+
+**Note**:
+ Test suite needs access to the following peripherals. When PSA_IPC_IMPLEMENTED is set to 1, driver functionalities are implemented as RoT-services in driver partition. Other Secure partitions and non-secure code calls to these RoT-services to get appropriate driver services.
+ - One UART to print nspe and spe messages
+ - One Watchdog timer to help recovery from any fatal error conditions
+ - Non-volatile memory support to preserve test status over watchdog timer reset
+
+
+## PAL API list
+Since Test suite is agnostic to various system targets, before building the tests, you must port below PAL APIs. These functions will require implementation for your target platform. <br />
+
+- Following are the list of PAL APIs used in NSPE: <br />
+
+| No | Prototype | Description | Parameters |
+|----|-----------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------|----------------------------------------------------------|
+| 01 | int pal_spi_read(addr_t addr, uint8_t *data, uint32_t len); | This function will read peripherals using SPI commands | addr : address of the peripheral<br/>data : read buffer<br/>len : length of the read buffer in bytes<br/> |
+
+- Following are the list of PAL APIs used in SPE: <br />
+
+| No | Prototype | Description | Parameters |
+|----|-----------------------------------------------------------------------------------|-----------------------------------------------------------------------------------|----------------------------------------------------------|
+| 01 | void pal_uart_init(addr_t uart_base_addr); | This function initializes the uart | uart_base_addr : Base address of the UART<br/> |
+| 02 | void pal_print(char *str, uint32_t data); | This function parses the input string and writes byte by byte to print | str : Input String<br/>data : Value for Format specifier<br/> |
+| 03 | int pal_wd_timer_init(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us);| Initializes an hardware watchdog timer | base_addr : Base address of the watchdog module<br/>time_us : Time in micro seconds<br/>timer_tick_us : Number of ticks per micro second<br/>|
+| 04 | int pal_wd_timer_enable(addr_t base_addr); | Enables a hardware watchdog timer | base_addr : Base address of the watchdog module<br/> |
+| 05 | int pal_wd_timer_disable(addr_t base_addr); | Disables a hardware watchdog timer | base_addr : Base address of the watchdog module<br/> |
+| 06 | int pal_wd_timer_is_enabled(addr_t base_addr); | Checks whether hardware watchdog timer is enabled | base_addr : Base address of the watchdog module<br/> |
+| 07 | int pal_nvmem_write(addr_t base, uint32_t offset, void *buffer, int size); | Writes 'size' bytes from buffer into non-volatile memory at a given 'base + offset'| base : Base address of NV MEM<br/>offset : Offset<br/>buffer : Pointer to source address<br/>size : Number of bytes<br/> |
+| 08 | int pal_nvmem_read(addr_t base, uint32_t offset, void *buffer, int size); | Reads 'size' bytes from non-volatile memory at a given | base : Base address of NV MEM<br/>offset : Offset<br/>buffer : Pointer to source address<br/>size : Number of bytes<br/> |
+
+## License
+Arm PSA test suite is distributed under Apache v2.0 License.
+
+--------------
+
+*Copyright (c) 2019, Arm Limited and Contributors. All rights reserved.*
diff --git a/api-tests/docs/psa_crypto_testlist.md b/api-tests/docs/psa_crypto_testlist.md
index bc6197e..12def99 100644
--- a/api-tests/docs/psa_crypto_testlist.md
+++ b/api-tests/docs/psa_crypto_testlist.md
@@ -2,62 +2,573 @@
-| **Group** | **Test** | **Function** | **Scenario** | **Return Value** | **Steps** | **Test Case** |
-|------------------------------|-----------|--------------------------|-----------------------------------------------------------------------------------------------------------------------|-----------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| **Basic** | test_c001 | psa_crypto_init | Library initialization | PSA_SUCCESS | Calling this function should return SUCCESS | |
-| | | | Applications must call this function before calling any other function in this module. | PSA_SUCCESS | Try calling crypto operations doing a crypto_init should be successful(can be covered as part of other testcase) | |
-| | | | Applications may call this function more than once. Once a call succeeds, subsequent calls are guaranteed to succeed. | PSA_SUCCESS | Try calling multiple crypto init and should return SUCCESS | |
-| | | | Applications must call this function before calling any other function in this module. | PSA_ERROR_BAD_STATE | Try calling crypto operations without doing a crypto_init should return FAILURE | |
-| | | | | | | |
-| **Key Management** | test_c002 | psa_import_key | Import a key in binary format. | PSA_SUCCESS | 1. Initialize the PSA crypto library <br /> 2. Initialize a key policy structure to a default that forbids all usage of the key <br /> 3. Set the standard fields of a policy structure <br /> 4. Set the usage policy on a key slot <br /> 5. Import the key data into the key slot <br /> 6. Get basic metadata about a key <br /> 7. Export a key in binary format <br /> 8. Check if original key data matches with the exported data | 1. 16 Byte AES <br /> 2. 24 Byte AES <br /> 3. 32 Byte AES <br /> 4. 2048 RSA public key <br /> 5. 2048 RSA keypair <br /> 6. DES 64 bit key <br /> 7. Triple DES 2-Key <br /> 8. Triple DES 3-Key <br /> 9. EC Public key <br /> 10. EC keypair |
-| | | | | PSA_ERROR_NOT_SUPPORTED | Calling this function with incorrect key type | Incorrect key type |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. Key data greater than the algorithm size <br /> 2. Incorrect key data size <br /> 3. Invalid key slot <br /> 4. Zero key slot |
-| | | | | PSA_ERROR_OCCUPIED_SLOT | Pass the key slot to store data which is already occupied | Already occupied key slot |
-| | test_c003 | psa_export_key | Export a key in binary format | PSA_SUCCESS | 1. Initialize the PSA crypto library <br /> 2. Initialize a key policy structure to a default that forbids all usage of the key <br /> 3. Set the standard fields of a policy structure <br /> 4. Set the usage policy on a key slot <br /> 5. Import the key data into the key slot <br /> 6. Get basic metadata about a key <br /> 7. Export a key in binary format <br /> 8. Check if original key data matches with the exported data | 1. 16 Byte AES <br /> 2. 24 Byte AES <br /> 3. 32 Byte AES <br /> 4. 2048 RSA public key <br /> 5. 2048 RSA keypair <br /> 6. DES 64 bit key <br /> 7. Triple DES 2-Key <br /> 8. Triple DES 3-Key <br /> 9. EC Public key <br /> 10. EC keypair |
-| | | | | PSA_ERROR_BUFFER_TOO_SMALL | Calling this function with buffer size less than required | Less buffer size |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. Zero key slot <br /> 2. Invalid key slot |
-| | | | | PSA_ERROR_BAD_STATE | Calling this function with key policy that cannot be exported | Invalid key policy usage |
-| | | | | PSA_ERROR_EMPTY_SLOT | Calling this function with empty key slot | Empty key slot |
-| | test_c004 | psa_export_public_key | Export a public key or the public part of a key pair in binary format. | PSA_SUCCESS | 1. Initialize the PSA crypto library <br /> 2. Initialize a key policy structure to a default that forbids all usage of the key <br /> 3. Set the standard fields of a policy structure <br /> 4. Set the usage policy on a key slot <br /> 5. Import the key data into the key slot <br /> 6. Get basic metadata about a key <br /> 7. Export a key in binary format <br /> 8. Check if original key data matches with the exported data | 1. 2048 RSA public key <br /> 2. 2048 RSA keypair <br /> 3. EC Public key <br /> 4. EC keypair |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | 1. Initialize the PSA crypto library <br /> 2. Initialize a key policy structure to a default that forbids all usage of the key <br /> 3. Set the standard fields of a policy structure <br /> 4. Set the usage policy on a key slot <br /> 5. Import the key data into the key slot <br /> 6. Get basic metadata about a key <br /> 7. Export a key in binary format <br /> 8. Check if original key data matches with the exported data | 1. 16 Byte AES <br /> 2. 24 Byte AES <br /> 3. 32 Byte AES <br /> 4. DES 64 bit key <br /> 5. Triple DES 2-Key <br /> 6. Triple DES 3-Key |
-| | | | | PSA_ERROR_BUFFER_TOO_SMALL | Calling this function with buffer size less than required | Less buffer size |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. Zero key slot <br /> 2. Invalid key slot |
-| | | | | PSA_ERROR_BAD_STATE | Calling this function with key policy that cannot be exported | Invalid key policy usage |
-| | test_c005 | psa_destroy_key | Destroy a key and restore the slot to its default state. | PSA_SUCCESS | 1. Initialize the PSA crypto library <br /> 2. Initialize a key policy structure to a default that forbids all usage of the key <br /> 3. Set the standard fields of a policy structure <br /> 4. Set the usage policy on a key slot <br /> 5. Import the key data into the key slot <br /> 6. Get basic metadata about a key <br /> 7. Destroy a key and restore the slot to its default state <br /> 8. Check that if the key metadata are destroyed | 1. 16 Byte AES <br /> 2. 24 Byte AES <br /> 3. 32 Byte AES <br /> 4. 2048 RSA public key <br /> 5. 2048 RSA keypair <br /> 6. DES 64 bit key <br /> 7. Triple DES 2-Key <br /> 8. Triple DES 3-Key <br /> 9. EC Public key <br /> 10. EC keypair |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. Invalid key slot <br /> 2. Zero key slot <br /> 3. Empty key slot |
-| | test_c006 | psa_get_key_information | Get basic metadata about a key. | PSA_SUCCESS | 1. Initialize the PSA crypto library <br /> 2. Initialize a key policy structure to a default that forbids all usage of the key <br /> 3. Set the standard fields of a policy structure <br /> 4. Set the usage policy on a key slot <br /> 5. Import the key data into the key slot <br /> 6. Get basic metadata about a key | 1. 16 Byte AES <br /> 2. 24 Byte AES <br /> 3. 32 Byte AES <br /> 4. 2048 RSA public key <br /> 5. 2048 RSA keypair <br /> 6. DES 64 bit key <br /> 7. Triple DES 2-Key <br /> 8. Triple DES 3-Key <br /> 9. EC Public key <br /> 10. EC keypair |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. Zero key slot <br /> 2. Invalid key slot |
-| | | | | PSA_ERROR_EMPTY_SLOT | Pass the key slot number which has the key type as none | Empty key slot |
-| | NO TEST | psa_key_policy_set_usage | Set the standard fields of a policy structure. | void | Void function. Covered as part of other cases | |
-| | | | | | | |
-| **Key Policies** | test_c007 | psa_set_key_policy | Set the usage policy on a key slot. | PSA_SUCCESS | 1. Initialize the PSA crypto library <br /> 2. Initialize a key policy structure to a default that forbids all usage of the key <br /> 3. Set the standard fields of a policy structure <br /> 4. Set the usage policy on a key slot <br /> 5. Import the key data into the key slot <br /> 6. Get the usage policy for a key slot <br /> 7. Check if the policy matches the original input | 1. 16 Byte AES <br /> 2. 24 Byte AES <br /> 3. 32 Byte AES <br /> 4. 2048 RSA public key <br /> 5. 2048 RSA keypair <br /> 6. DES 64 bit key <br /> 7. Triple DES 2-Key <br /> 8. Triple DES 3-Key <br /> 9. EC Public key <br /> 10. EC keypair |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. Invalid key policy <br /> 2. Zero key slot <br /> 3. Invalid key slot |
-| | | | | PSA_ERROR_OCCUPIED_SLOT | Pass the key slot to store data which is already occupied | Already occupied key slot |
-| | test_c008 | psa_get_key_policy | Get the usage policy for a key slot | PSA_SUCCESS | 1. Initialize the PSA crypto library <br /> 2. Initialize a key policy structure to a default that forbids all usage of the key <br /> 3. Set the standard fields of a policy structure <br /> 4. Set the usage policy on a key slot <br /> 5. Change the lifetime of a key slot <br /> 6. Import the key data into the key slot <br /> 7. Get the usage policy for a key slot <br /> 8. Retrieve the usage field of a policy structure <br /> 9. Retrieve the algorithm field of a policy structure <br /> 10. Make sure they match the original value | 1. 16 Byte AES <br /> 2. 24 Byte AES <br /> 3. 32 Byte AES <br /> 4. 2048 RSA public key <br /> 5. 2048 RSA keypair <br /> 6. DES 64 bit key <br /> 7. Triple DES 2-Key <br /> 8. Triple DES 3-Key <br /> 9. EC Public key <br /> 10. EC keypair |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. Zero key slot <br /> 2. Invalid key slot |
-| | test_c009 | psa_set_key_lifetime | Change the lifetime of a key slot. | PSA_SUCCESS | 1. Initialize the PSA crypto library <br /> 2. Initialize a key policy structure to a default that forbids all usage of the key <br /> 3. Set the standard fields of a policy structure <br /> 4. Set the usage policy on a key slot <br /> 5. Change the lifetime of a key slot <br /> 6. Import the key data into the key slot <br /> 7. Reset the system <br /> 8. After reboot check if the contents of persistent and write once key data are preserved | 1. Volatile keys <br /> 2. Persistent keys <br /> 3. Write once keys |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with incorrect argument should return failure | 1. Zero key slot <br /> 2. Invalid key slot <br /> 3. Invalid key lifetime |
-| | | | | PSA_ERROR_OCCUPIED_SLOT | If implementation does not supports changing the lifetime of preoccupied slot, calling this function with already occupied slot should return failure(Impdef) | Pre occupied key slot |
-| | test_c010 | psa_get_key_lifetime | Retrieve the lifetime of a key slot. | PSA_SUCCESS | 1. Initialize the PSA crypto library <br /> 2. Initialize a key policy structure to a default that forbids all usage of the key <br /> 3. Set the standard fields of a policy structure <br /> 4. Set the usage policy on a key slot <br /> 5. Change the lifetime of a key slot <br /> 6. Import the key data into the key slot <br /> 7. Get the lifetime of a key slot | Testing only volatile keys as other key types are currently not supported |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. Invalid key policy <br /> 2. Zero key slot <br /> 3. Invalid key slot <br /> 4. Empty key slot |
-| | | | | | | |
-| **Message Authentication Codes** | test_c011 | psa_hash_start | Start a multipart hash operation. | PSA_SUCCESS | 1. Initialize the PSA crypto library <br /> 2. Start a multipart hash operation | 1. MD2 <br /> 2. MD4 <br /> 3. MD5 <br /> 4. RIPEMD160 <br /> 5. SHA1 <br /> 6. SHA224 <br /> 7. SHA256 <br /> 8. SHA512 <br /> 9. SHA512_224 <br /> 10. SHA512_256 <br /> 11. SHA3_224 1 <br /> 2. SHA3_256 1 <br /> 3. SHA3_384 1 <br /> 4. SHA3_512 |
-| | | | | PSA_ERROR_NOT_SUPPORTED | Calling this function with unsupported algorithm should return error | Invalid hash algorithm |
-| | test_c012 | psa_hash_update | Add a message fragment to a multipart hash operation. | PSA_SUCCESS | 1. Initialize the PSA crypto library <br /> 2. Start a multipart hash operation <br /> 3. Add a message fragment to a multipart hash operation | 1. MD2 <br /> 2. MD4 <br /> 3. MD5 <br /> 4. RIPEMD160 <br /> 5. SHA1 <br /> 6. SHA224 <br /> 7. SHA256 <br /> 8. SHA384 <br /> 9. SHA512 |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function without calling the psa_hash_start() should return error | Inactive operation handle |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with completed operation handle should return error | Completed operation handle |
-| | test_c013 | psa_hash_verify | Finish the calculation of the hash of a message and compare it with an expected value. | PSA_SUCCESS | 1. Initialize the PSA crypto library <br /> 2. Start a multipart hash operation <br /> 3. Add a message fragment to a multipart hash operation <br /> 4. Finish the calculation of the hash of a message and compare it with an expected value | 1. MD2 <br /> 2. MD4 <br /> 3. MD5 <br /> 4. RIPEMD160 <br /> 5. SHA1 <br /> 6. SHA224 <br /> 7. SHA256 <br /> 8. SHA384 <br /> 9. SHA512 |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with inactive operation handle should return error | Inactive operation handle |
-| | | | | PSA_ERROR_INVALID_SIGNATURE | Calling this function with incorrect expected value should return error | 1. Incorrect expected hash value <br /> 2. Incorrect expected hash length |
-| | test_c014 | psa_hash_finish | Finish the calculation of the hash of a message. | PSA_SUCCESS | 1. Initialize the PSA crypto library <br /> 2. Start a multipart hash operation <br /> 3. Add a message fragment to a multipart hash operation <br /> 4. Finish the calculation of the hash of a message <br /> 5. Compare it with the expected value | 1. MD2 <br /> 2. MD4 <br /> 3. MD5 <br /> 4. RIPEMD160 <br /> 5. SHA1 <br /> 6. SHA224 <br /> 7. SHA256 <br /> 8. SHA384 <br /> 9. SHA512 |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with an inactive operation handle should return error | Inactive operation handle |
-| | | | | PSA_ERROR_BUFFER_TOO_SMALL | Calling this function with a hash buffer whose size is less than the algorithm output should return error | Buffer size less than required |
-| | test_c015 | psa_hash_abort | Abort a hash operation. | PSA_SUCCESS | 1. Initialize the PSA crypto library <br /> 2. Start a multipart hash operation <br /> 3. Abort a hash operation | 1. MD2 <br /> 2. MD4 <br /> 3. MD5 <br /> 4. RIPEMD160 <br /> 5. SHA1 <br /> 6. SHA224 <br /> 7. SHA256 <br /> 8. SHA384 <br /> 9. SHA512 |
-| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling psa_hash_finish after calling psa_hash_abort should return error | |
+| Group | Test | Function | Scenario | Return Value | Steps | Test Case |
+|------------------------------|-----------|----------------------------|-----------------------------------------------------------------------------------------------------------------------|---------------------------------|------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------|
+| Basic | test_c001 | psa_crypto_init | Library initialization | PSA_SUCCESS | Calling this function should return SUCCESS | |
+| | | | Applications must call this function before calling any other function in this module. | PSA_SUCCESS | Try calling crypto operations doing a crypto_init should be successful(can be covered as part of other testcase) | |
+| | | | Applications may call this function more than once. Once a call succeeds, subsequent calls are guaranteed to succeed. | PSA_SUCCESS | Try calling multiple crypto init and should return SUCCESS | |
+| | | | Applications must call this function before calling any other function in this module. | PSA_ERROR_BAD_STATE | Try calling crypto operations without doing a crypto_init should return FAILURE | |
+| | | | | | | |
+| Key Management | test_c002 | psa_import_key | Import a key in binary format. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES |
+| | | | | | 2. Initialize a key policy structure to a default that forbids all usage of the key | 2. 24 Byte AES |
+| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. 32 Byte AES |
+| | | | | | 4. Set the usage policy on a key slot | 4. 2048 RSA public key |
+| | | | | | 5. Import the key data into the key slot | 5. 2048 RSA keypair |
+| | | | | | 6. Get basic metadata about a key | 6. DES 64 bit key |
+| | | | | | 7. Export a key in binary format | 7. Triple DES 2-Key |
+| | | | | | 8. Check if original key data matches with the exported data | 8. Triple DES 3-Key |
+| | | | | | | 9. EC Public key |
+| | | | | | | 10. EC keypair |
+| | | | | PSA_ERROR_NOT_SUPPORTED | Calling this function with incorrect key type | Incorrect key type |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. Key data greater than the algorithm size |
+| | | | | | | 2. Incorrect key data size |
+| | | | | | | |
+| | | | | | | |
+| | | | | PSA_ERROR_INVALID_HANDLE | Calling this function with invalid key handle should return this error | 1. Invalid key slot </br> 2. Zero key slot |
+| | | | | PSA_ERROR_OCCUPIED_SLOT | Pass the key slot to store data which is already occupied | Already occupied key slot |
+| | test_c003 | psa_export_key | Export a key in binary format | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES |
+| | | | | | 2. Initialize a key policy structure to a default that forbids all usage of the key | 2. 24 Byte AES |
+| | | | | | | |
+| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. 32 Byte AES |
+| | | | | | 4. Set the usage policy on a key slot | 4. 2048 RSA public key |
+| | | | | | 5. Import the key data into the key slot | 5. 2048 RSA keypair |
+| | | | | | 6. Get basic metadata about a key | 6. DES 64 bit key |
+| | | | | | 7. Export a key in binary format | 7. Triple DES 2-Key |
+| | | | | | 8. Check if original key data matches with the exported data | 8. Triple DES 3-Key |
+| | | | | | | 9. EC Public key |
+| | | | | | | 10. EC keypair |
+| | | | | PSA_ERROR_BUFFER_TOO_SMALL | Calling this function with buffer size less than required | Less buffer size |
+| | | | | PSA_ERROR_INVALID_HANDLE | Calling this function with invalid parameter should return this error | 1. Zero key slot |
+| | | | | | | 2. Invalid key slot |
+| | | | | PSA_ERROR_BAD_STATE | Calling this function with key policy that cannot be exported | Invalid key policy usage |
+| | | | | PSA_ERROR_EMPTY_SLOT | Calling this function with empty key slot | Empty key slot |
+| | test_c004 | psa_export_public_key | Export a public key or the public part of a key pair in binary format. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 2048 RSA public key |
+| | | | | | 2. Initialize a key policy structure to a default that forbids all usage of the key | 2. 2048 RSA keypair |
+| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. EC Public key |
+| | | | | | 4. Set the usage policy on a key slot | 4. EC keypair |
+| | | | | | 5. Import the key data into the key slot | |
+| | | | | | 6. Get basic metadata about a key | |
+| | | | | | 7. Export a key in binary format | |
+| | | | | | 8. Check if original key data matches with the exported data | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | 1. Initialize the PSA crypto library | 1. 16 Byte AES |
+| | | | | | 2. Initialize a key policy structure to a default that forbids all usage of the key | 2. 24 Byte AES |
+| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. 32 Byte AES |
+| | | | | | 4. Set the usage policy on a key slot | 4. DES 64 bit key |
+| | | | | | 5. Import the key data into the key slot | 5. Triple DES 2-Key |
+| | | | | | 6. Get basic metadata about a key | 6. Triple DES 3-Key |
+| | | | | | 7. Export a key in binary format | |
+| | | | | | 8. Check if original key data matches with the exported data | |
+| | | | | PSA_ERROR_BUFFER_TOO_SMALL | Calling this function with buffer size less than required | Less buffer size |
+| | | | | PSA_ERROR_INVALID_HANDLE | Calling this function with invalid parameter should return this error | 1. Zero key slot |
+| | | | | | | 2. Invalid key slot |
+| | | | | PSA_ERROR_BAD_STATE | Calling this function with key policy that cannot be exported | Invalid key policy usage |
+| | test_c005 | psa_destroy_key | Destroy a key and restore the slot to its default state. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES |
+| | | | | | 2. Initialize a key policy structure to a default that forbids all usage of the key | 2. 24 Byte AES |
+| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. 32 Byte AES |
+| | | | | | 4. Set the usage policy on a key slot | 4. 2048 RSA public key |
+| | | | | | 5. Import the key data into the key slot | 5. 2048 RSA keypair |
+| | | | | | 6. Get basic metadata about a key | 6. DES 64 bit key |
+| | | | | | 7. Destroy a key and restore the slot to its default state | 7. Triple DES 2-Key |
+| | | | | | 8. Check that if the key metadata are destroyed | 8. Triple DES 3-Key |
+| | | | | | | 9. EC Public key |
+| | | | | | | 10. EC keypair |
+| | | | | PSA_ERROR_INVALID_HANDLE | Calling this function with invalid parameter should return this error | 1. Invalid key slot |
+| | | | | | | 2. Zero key slot |
+| | | | | | | 3. Empty key slot |
+| | test_c006 | psa_get_key_information | Get basic metadata about a key. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES |
+| | | | | | 2. Initialize a key policy structure to a default that forbids all usage of the key | 2. 24 Byte AES |
+| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. 32 Byte AES |
+| | | | | | 4. Set the usage policy on a key slot | 4. 2048 RSA public key |
+| | | | | | 5. Import the key data into the key slot | 5. 2048 RSA keypair |
+| | | | | | 6. Get basic metadata about a key | 6. DES 64 bit key |
+| | | | | | | 7. Triple DES 2-Key |
+| | | | | | | 8. Triple DES 3-Key |
+| | | | | | | 9. EC Public key |
+| | | | | | | 10. EC keypair |
+| | | | | PSA_ERROR_INVALID_HANDLE | Calling this function with invalid parameter should return this error | 1. Zero key slot |
+| | | | | | | 2. Invalid key slot |
+| | | | | PSA_ERROR_EMPTY_SLOT | Pass the key slot number which has the key type as none | Empty key slot |
+| | NO TEST | psa_key_policy_set_usage | Set the standard fields of a policy structure. | void | Void function. Covered as part of other cases | |
+| | | | | | | |
+| Key Policies | test_c007 | psa_set_key_policy | Set the usage policy on a key slot. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES |
+| | | | | | 2. Initialize a key policy structure to a default that forbids all usage of the key | 2. 24 Byte AES |
+| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. 32 Byte AES |
+| | | | | | 4. Set the usage policy on a key slot | 4. 2048 RSA public key |
+| | | | | | 5. Import the key data into the key slot | 5. 2048 RSA keypair |
+| | | | | | 6. Get the usage policy for a key slot | 6. DES 64 bit key |
+| | | | | | 7. Check if the policy matches the original input | 7. Triple DES 2-Key |
+| | | | | | | 8. Triple DES 3-Key |
+| | | | | | | 9. EC Public key |
+| | | | | | | 10. EC keypair |
+| | | | | PSA_ERROR_INVALID_HANDLE | Calling this function with invalid parameter should return this error | 1. Invalid key policy |
+| | | | | | | 2. Zero key slot |
+| | | | | | | 3. Invalid key slot |
+| | | | | PSA_ERROR_OCCUPIED_SLOT | Pass the key slot to store data which is already occupied | Already occupied key slot |
+| | test_c008 | psa_get_key_policy | Get the usage policy for a key slot | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES |
+| | | | | | 2. Initialize a key policy structure to a default that forbids all usage of the key | 2. 24 Byte AES |
+| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. 32 Byte AES |
+| | | | | | 4. Set the usage policy on a key slot | 4. 2048 RSA public key |
+| | | | | | 5. Change the lifetime of a key slot | 5. 2048 RSA keypair |
+| | | | | | 6. Import the key data into the key slot | 6. DES 64 bit key |
+| | | | | | 7. Get the usage policy for a key slot | 7. Triple DES 2-Key |
+| | | | | | 8. Retrieve the usage field of a policy structure | 8. Triple DES 3-Key |
+| | | | | | 9. Retrieve the algorithm field of a policy structure | 9. EC Public key |
+| | | | | | 10. Make sure they match the original value | 10. EC keypair |
+| | | | | PSA_ERROR_INVALID_HANDLE | Calling this function with invalid parameter should return this error | 1. Zero key slot |
+| | | | | | | 2. Invalid key slot |
+| | test_c009 | psa_allocate_key | Allocate a key slot for a transient key | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. Volatile keys |
+| | | | | | 2. Initialize a key policy structure to a default that forbids all usage of the key | |
+| | | | | | 3. Allocate a key slot for a transient key | |
+| | | | | | | |
+| | | | | | | |
+| | | | | | | |
+| | | | | | | |
+| | | | | | | |
+| | | | | PSA_ERROR_INSUFFICIENT_MEMORY | Calling this function with multiple time | |
+| | | | | | | |
+| | | | | | | |
+| | test_c010 | psa_get_key_lifetime | Retrieve the lifetime of a key slot. | PSA_SUCCESS | 1. Initialize the PSA crypto library | Testing only volatile keys as other key types are currently not supported |
+| | | | | | 2. Initialize a key policy structure to a default that forbids all usage of the key | |
+| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | |
+| | | | | | 4. Set the usage policy on a key slot | |
+| | | | | | 5. Change the lifetime of a key slot | |
+| | | | | | 6. Import the key data into the key slot | |
+| | | | | | 7. Get the lifetime of a key slot | |
+| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Zero key slot |
+| | | | | | | 2. Invalid key slot |
+| | | | | | | 3. Empty key slot |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Invalid key policy |
+| Message Authentication Codes | test_c011 | psa_hash_start | Start a multipart hash operation. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. MD2 |
+| | | | | | 2. Start a multipart hash operation | 2. MD4 |
+| | | | | | | 3. MD5 |
+| | | | | | | 4. RIPEMD160 |
+| | | | | | | 5. SHA1 |
+| | | | | | | 6. SHA224 |
+| | | | | | | 7. SHA256 |
+| | | | | | | 8. SHA512 |
+| | | | | | | 9. SHA512_224 |
+| | | | | | | 10. SHA512_256 |
+| | | | | | | 11. SHA3_224 1 |
+| | | | | | | 2. SHA3_256 1 |
+| | | | | | | 3. SHA3_384 1 |
+| | | | | | | 4. SHA3_512 |
+| | | | | PSA_ERROR_NOT_SUPPORTED | Calling this function with unsupported algorithm should return error | Invalid hash algorithm |
+| | test_c012 | psa_hash_update | Add a message fragment to a multipart hash operation. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. MD2 |
+| | | | | | 2. Start a multipart hash operation | 2. MD4 |
+| | | | | | 3. Add a message fragment to a multipart hash operation | 3. MD5 |
+| | | | | | | 4. RIPEMD160 |
+| | | | | | | 5. SHA1 |
+| | | | | | | 6. SHA224 |
+| | | | | | | 7. SHA256 |
+| | | | | | | 8. SHA384 |
+| | | | | | | 9. SHA512 |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function without calling the psa_hash_start() should return error | Inactive operation handle |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with completed operation handle should return error | Completed operation handle |
+| | test_c013 | psa_hash_verify | Finish the calculation of the hash of a message and compare it with an expected value. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. MD2 |
+| | | | | | 2. Start a multipart hash operation | 2. MD4 |
+| | | | | | 3. Add a message fragment to a multipart hash operation | 3. MD5 |
+| | | | | | 4. Finish the calculation of the hash of a message and compare it with an expected value | 4. RIPEMD160 |
+| | | | | | | 5. SHA1 |
+| | | | | | | 6. SHA224 |
+| | | | | | | 7. SHA256 |
+| | | | | | | 8. SHA384 |
+| | | | | | | 9. SHA512 |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with inactive operation handle should return error | Inactive operation handle |
+| | | | | PSA_ERROR_INVALID_SIGNATURE | Calling this function with incorrect expected value should return error | 1. Incorrect expected hash value |
+| | | | | | | 2. Incorrect expected hash length |
+| | test_c014 | psa_hash_finish | Finish the calculation of the hash of a message. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. MD2 |
+| | | | | | 2. Start a multipart hash operation | 2. MD4 |
+| | | | | | 3. Add a message fragment to a multipart hash operation | 3. MD5 |
+| | | | | | 4. Finish the calculation of the hash of a message | 4. RIPEMD160 |
+| | | | | | 5. Compare it with the expected value | 5. SHA1 |
+| | | | | | | 6. SHA224 |
+| | | | | | | 7. SHA256 |
+| | | | | | | 8. SHA384 |
+| | | | | | | 9. SHA512 |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with an inactive operation handle should return error | Inactive operation handle |
+| | | | | PSA_ERROR_BUFFER_TOO_SMALL | Calling this function with a hash buffer whose size is less than the algorithm output should return error | Buffer size less than required |
+| | test_c015 | psa_hash_abort | Abort a hash operation. | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. MD2 |
+| | | | | | 2. Start a multipart hash operation | 2. MD4 |
+| | | | | | 3. Abort a hash operation | 3. MD5 |
+| | | | | | | 4. RIPEMD160 |
+| | | | | | | 5. SHA1 |
+| | | | | | | 6. SHA224 |
+| | | | | | | 7. SHA256 |
+| | | | | | | 8. SHA384 |
+| | | | | | | 9. SHA512 |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling psa_hash_finish after calling psa_hash_abort should return error | |
+| Generator | test_c016 | psa_generate_key | Generate a key or key pair | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES |
+| | | | | | 2. Initialize a key policy structure | 2. DES |
+| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. ECC |
+| | | | | | 4. Set the usage policy on a key slot | 4. RSA |
+| | | | | | 5. Generate a key or key pair | |
+| | | | | | 6. Get basic metadata about a key | |
+| | | | | | 7. Check if key type and key length matches | |
+| | | | | | 8. Export a key in binary format | |
+| | | | | | 9. Check if the metadata matches | |
+| | | | | PSA_ERROR_INVALID_HANDLE | Calling this function with invalid key slot should return this error | Invalid key slot |
+| | | | | PSA_ERROR_INVALID_HANDLE | Calling this function with zero as key slot should return this error | Zero as key slot |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with Null extra and Non-Zero extra size should return this error | Null extra and Non-Zero extra size |
+| | | | | PSA_ERROR_OCCUPIED_SLOT | Calling this function with pre-occupied key slot should return this error | Pre-occupied key slot |
+| | | | | PSA_ERROR_NOT_SUPPORTED | Calling this function to generate only public key should return this error | Key type as public key |
+| | test_c017 | psa_generate_random | Generate random bytes | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte data |
+| | | | | | 2. Generate random bytes | 2. 24 Byte data |
+| | | | | | 3. Check that if generated data are Non-Zero | 3. 32 Byte data |
+| | | | | | | 4. 64 Byte data |
+| | | | | | | 5. 128 Byte data |
+| | | | | | | 6. 256 Byte data |
+| | | | | | | 7. 512 Byte data |
+| | | | | | | 8. 1000 Byte data |
+| | | | | | | 9. 1024 Byte data |
+| | test_c018 | psa_generator_read | Read some data from a generator | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte key |
+| | | | | | 2. Initialize a key policy structure | 2. 32 Byte key |
+| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. 8 Byte Key |
+| | | | | | 4. Set the usage policy on a key slot | 4. SHA 256 |
+| | | | | | 5. Import the key data into the key slot | 5. SHA 512 |
+| | | | | | 6. Set up a key derivation operation | 6. SHA 1 |
+| | | | | | 7. Generate random bytes | 7. Output size less than generator capacity |
+| | | | | | 8. Check that if generated data are non-zero | 8. Output size equal to generator capacity |
+| | | | | | 9. Generate random bytes for remaining capacity | 9. Request maximum capacity |
+| | | | | | 10. Check that if generated data are non-zero | |
+| | | | | | 11. Generate random bytes and check that it fails | |
+| | | | | PSA_ERROR_INSUFFICIENT_CAPACITY | Calling this function with output size greater than the current capacity should return this error | output size greater than the current capacity |
+| | | | | PSA_ERROR_INSUFFICIENT_CAPACITY | Calling this function with capacity greater than the allowed capacity should return this error | request maximum capacity +1 |
+| | test_c019 | psa_generator_get_capacity | Retrieve the current capacity of a generator | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. Output size less than generator capacity |
+| | | | | | 2. Initialize a key policy structure | 2. Output size equal to generator capacity |
+| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | |
+| | | | | | 4. Set the usage policy on a key slot | |
+| | | | | | 5. Import the key data into the key slot | |
+| | | | | | 6. Set up a key derivation operation | |
+| | | | | | 7. Retrieve the current capacity of a generator | |
+| | | | | | 8. Check that it is equal to the input capacity | |
+| | | | | | 9. Generate random bytes | |
+| | | | | | 10. Retrieve the current capacity of a generator | |
+| | | | | | 11. Check that it is equal to the remaining capacity | |
+| | test_c020 | psa_generator_import_key | Create a symmetric key from data read from a generator | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES |
+| | | | | | 2. Initialize a key policy structure | 2. 32 Byte AES |
+| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | |
+| | | | | | 4. Set the usage policy on a key slot | |
+| | | | | | 5. Import the key data into the key slot | |
+| | | | | | 6. Set up a key derivation operation | |
+| | | | | | 7. Initialize a key policy structure for new slot | |
+| | | | | | 8. Set the standard fields of a policy structure | |
+| | | | | | 9. Set the usage policy on a new key slot | |
+| | | | | | 10. Create a symmetric key from data read from a generator | |
+| | | | | | 11. Export a key in binary format | |
+| | | | | | 12. Check that length of the key matches | |
+| | | | | | 13. Check that the key is non-zero | |
+| | | | | | 14. Initialize a key policy structure for new slot | |
+| | | | | | 15. Set the standard fields of a policy structure | |
+| | | | | | 16. Set the usage policy on a new key slot | |
+| | | | | | 17. Create a symmetric key from data read from a generator for the remaining size | |
+| | | | | | 18. Export a key in binary format | |
+| | | | | | 19. Check that length of the key matches | |
+| | | | | | 20. Check that the key is non-zero | |
+| | | | | | 21. Initialize a key policy structure for new slot | |
+| | | | | | 22. Set the standard fields of a policy structure | |
+| | | | | | 23. Set the usage policy on a new key slot | |
+| | | | | | 24. Create a symmetric key from data read from a generator for the some size | |
+| | | | | | Check that it fails | |
+| | | | | PSA_ERROR_INSUFFICIENT_CAPACITY | Calling this function with output greater than capacity should return this error | Output greater than capacity |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with public key algorithm should return this error | 1. RSA public key </br>2.Invalid key size |
+| | | | | PSA_ERROR_INVALID_HANDLE | Calling this function with invalid arguments should return this error | 1. Invalid key slot |
+| | | | | | | 2. Zero as key slot |
+| | | | | | | |
+| | | | | PSA_ERROR_OCCUPIED_SLOT | Calling this function with already occupied key slot should return this error | Pre-occupied key slot |
+| | test_c021 | psa_generator_abort | Abort a generator | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. Abort |
+| | | | | | 2. Initialize a key policy structure | 2. Multiple |
+| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. Calling generator functions after abort should fail |
+| | | | | | 4. Set the usage policy on a key slot | |
+| | | | | | 5. Import the key data into the key slot | |
+| | | | | | 6. Set the key for a multipart symmetric encryption/decryption operation | |
+| | | | | | 7. Abort a cipher operation | |
+| | | | | | 8. Multiple abort cipher operation should return success | |
+| Key derivation | test_c022 | psa_key_derivation | Set up a key derivation operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte data with SHA-256 |
+| | | | | | 2. Initialize a key policy structure | 2. 32 byte data with SHA-512 |
+| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. 32 Byte data with MD-5 |
+| | | | | | 4. Import the key data into the key slot | 4. Salt and label provided as input |
+| | | | | | 5. Set up a key derivation operation | |
+| | | | | | 6. Retrieve the current capacity of a generator | |
+| | | | | | 7. Make sure that the capacity is same as input capacity | |
+| | | | | PSA_INVALID_ARGUMENT | Calling this function with invalid argument should return this error | 1. Invalid algorithm 2. Unsupported generator capacity |
+| | | | | | | 3. Unsupported key type |
+| | | | | PSA_ERROR_INVALID_HANDLE | Calling this functoin wih incorrect key handle | 1. Invalid key handle </br>2. Zero as key slot |
+| | | | | PSA_ERROR_EMPTY_SLOT | Calling this function with empty key slot should return this error | Empty key slot |
+| Key policies | test_c023 | psa_key_policy_get_usage | Retrieve the usage field of a policy structure | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. Encrypt |
+| | | | | | 2. Initialize a key policy structure | 2. Decrypt |
+| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. Export |
+| | | | | | 4. Retrieve the usage field of a policy structure | 4. Sign |
+| | | | | | 5. Check that usage is same as input | 5. Verify |
+| | | | | | | 6. Derive |
+| AEAD | test_c024 | psa_aead_encrypt | Process an authenticated encryption operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. CCM - 16B AES - Nounce and additional data |
+| | | | | | 2. Initialize a key policy structure | 2. GCM - 16B AES - NULL Nounce & addi data |
+| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. GCM -16B AES - 12B Nounce & 12B addi data |
+| | | | | | 4. Set the usage policy on a key slot | 4. CCM - 16B AES - 13B Nounce & 8B addi data |
+| | | | | | 5. Import the key data into the key slot | |
+| | | | | | 6. Call aead encrypt | |
+| | | | | | 7. Check if the status is expected | |
+| | | | | | 8. Check if the cipher text is expected length | |
+| | | | | PSA_ERROR_NOT_SUPPORTED | | 1. DES key |
+| | | | | | | 2. Unsupported algorithm |
+| | | | | PSA_ERROR_EMPTY_SLOT | | Empty key slot |
+| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Zero as key slot |
+| | | | | | | 2. Invalid key slot |
+| | | | | PSA_ERROR_NOT_PERMITTED | | 1. Small output buffer size |
+| | | | | | | 2. Invalid key usage |
+| | test_c025 | psa_aead_decrypt | Process an authenticated decryption operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. CCM - 16B AES - Nounce and additional data |
+| | | | | | 2. Initialize a key policy structure | 2. GCM - 16B AES - NULL Nounce & addi data |
+| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. GCM -16B AES - 12B Nounce & 12B addi data |
+| | | | | | 4. Set the usage policy on a key slot | 4. CCM - 16B AES - 13B Nounce & 8B addi data |
+| | | | | | 5. Import the key data into the key slot | |
+| | | | | | 6. Call aead decrypt | |
+| | | | | | 7. Check if the status is expected | |
+| | | | | | 8. Check if the plain text is expected length | |
+| | | | | PSA_ERROR_NOT_SUPPORTED | | 1. DES key |
+| | | | | | | 2. Unsupported algorithm |
+| | | | | PSA_ERROR_EMPTY_SLOT | | Empty key slot |
+| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Zero as key slot |
+| | | | | | | 2. Invalid key slot |
+| | | | | PSA_ERROR_NOT_PERMITTED | | 1. Small output buffer size |
+| | | | | | | 2. Invalid key usage |
+| Message Authentication Codes | test_c026 | psa_mac_sign_setup | Start a multipart MAC calculation operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 64 Byte HMAC |
+| | | | | | 2. Initialize a key policy structure | 2. 16 Byte AES - CMAC |
+| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | |
+| | | | | | 4. Set the usage policy on a key slot | |
+| | | | | | 5. Import the key data into the key slot | |
+| | | | | | 6. Start a multipart MAC calculation operation | |
+| | | | | PSA_ERROR_NOT_SUPPORTED | | 1. 16 Byte AES - GMAC |
+| | | | | | | 2. Incompatible HMAC for CMAC |
+| | | | | | | 3. Bad algorithm (unknown MAC algorithm)<br /< |
+| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid usage |
+| | | | | PSA_ERROR_EMPTY_SLOT | | Empty key slot |
+| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Invalid key type |
+| | | | | | | 2. Truncated MAC too large |
+| | | | | | | 3 |
+| | test_c027 | psa_mac_update | Add a message fragment to a multipart MAC operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1.64 Byte HMAC SHA256 |
+| | | | | | 2. Initialize a key policy structure | 2. 16 Byte AES - CMAC |
+| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. 32 Byte HMAC SHA512 |
+| | | | | | 4. Set the usage policy on a key slot | |
+| | | | | | 5. Import the key data into the key slot | |
+| | | | | | 6. Start a multipart MAC calculation operation | |
+| | | | | | 7. Add a message fragment to a multipart MAC operation | |
+| | | | | | 8. Check for the expected status | |
+| | | | | | 9. If success, Finish the calculation of the MAC of a message | |
+| | | | | | 10. Add a message fragment to the same multipart MAC operation should fail | |
+| | | | | PSA_ERROR_BAD_STATE | | 1. Completed operation as input |
+| | | | | | | 2. Uninitialized operation as input |
+| | test_c028 | psa_mac_sign_finish | Finish the calculation of the MAC of a message | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. HMAC SHA 224 |
+| | | | | | 2. Initialize a key policy structure | 2. HMAC SHA 256 |
+| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. HMAC SHA 512 |
+| | | | | | 4. Set the usage policy on a key slot | 4. HMAC SHA 224 (truncated to 8 Byte) |
+| | | | | | 5. Import the key data into the key slot | 5. CMAC AES 128 |
+| | | | | | 6. Start a multipart MAC calculation operation | |
+| | | | | | 7. Add a message fragment to a multipart MAC operation | |
+| | | | | | 8. Finish the calculation of the MAC of a message | |
+| | | | | | 9. Check for the expected status | |
+| | | | | | 10. If success, Check if the MAC length matches with the expected length | |
+| | | | | | 11. Check if the MAC data matches with the expected data | |
+| | | | | | 12. Finish the calculation of the MAC of a message using same operation should return error | |
+| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small size buffer |
+| | | | | PSA_ERROR_BAD_STATE | | Invalid operation as input |
+| | test_c029 | psa_mac_verify_setup | | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 64 Byte HMAC |
+| | | | | | 2. Initialize a key policy structure | 2. 16 Byte AES - CMAC |
+| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | |
+| | | | | | 4. Set the usage policy on a key slot | |
+| | | | | | 5. Import the key data into the key slot | |
+| | | | | | 6. Start a multipart MAC verification operation | |
+| | | | | | 7. Check for the expected status | |
+| | | | | PSA_ERROR_NOT_SUPPORTED | | 1. 16 Byte AES - GMAC |
+| | | | | | | 2. Incompatible HMAC for CMAC |
+| | | | | | | 3. Bad algorithm (unknown MAC algorithm)<br /< |
+| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid usage |
+| | | | | PSA_ERROR_EMPTY_SLOT | | Empty slot as input |
+| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Invalid key type |
+| | | | | | | 2. Truncated MAC too large |
+| | test_c030 | psa_mac_verify_finish | Finish the calculation of the MAC of a message and compare it with an expected value | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. HMAC SHA 224 |
+| | | | | | 2. Initialize a key policy structure | 2. HMAC SHA 256 |
+| | | | | | 3.Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. HMAC SHA 512 |
+| | | | | | 4. Set the usage policy on a key slot | 4. HMAC SHA 224 (truncated to 8 Byte) |
+| | | | | | 5. Import the key data into the key slot | 5. CMAC AES 128 |
+| | | | | | 6. Start a multipart MAC calculation operation | |
+| | | | | | 7. Add a message fragment to a multipart MAC operation | |
+| | | | | | 8. Finish the calculation of the MAC of a message | |
+| | | | | | 9. Check for the expected status | |
+| | | | | | 10. Finish the calculation of the MAC of a message using same operation should return error | |
+| | | | | PSA_ERROR_INVALID_SIGNATURE | | 1. Small size buffer |
+| | | | | | | 2. Incorrect expected hash |
+| | | | | PSA_ERROR_BAD_STATE | | Invalid operation as input |
+| | test_c031 | psa_mac_abort | Abort a MAC operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. HMAC SHA 224 |
+| | | | | | 2. Initialize a key policy structure | 2. HMAC SHA 256 |
+| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. HMAC SHA 512 |
+| | | | | | 4. Set the usage policy on a key slot | 4. CMAC AES 128 |
+| | | | | | 5. Import the key data into the key slot | 5. HMAC truncated |
+| | | | | | 6. Start a multipart MAC calculation operation | 6. Multiple abort |
+| | | | | | 7. Abort the MAC operation | 7. psa_mac_finish after psa_mac_abort should return failure |
+| Symmetric Ciphers | test_c032 | psa_cipher_encrypt_setup | Set the key for a multipart symmetric encryption operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES |
+| | | | | | 2. Initialize a key policy structure | 2. 24 Byte AES |
+| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. 32 Byte AES |
+| | | | | | 4. Set the usage policy on a key slot | 4. DES 64 bit key |
+| | | | | | 5. Import the key data into the key slot | 5. Triple DES 2-Key |
+| | | | | | 6. Set the key for a multipart symmetric encryption operation | 6. Triple DES 3-Key |
+| | | | | PSA_ERROR_NOT_SUPPORTED | | 1. 16 Byte raw data |
+| | | | | | | 2. Unknown cipher algorithm |
+| | | | | | | 3. Incompatible key ARC4 |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Not a cipher algorithm |
+| | | | | | | 2. Invalid key slot |
+| | | | | | | 3. Zero as key slot |
+| | | | | | | 4. RSA public key |
+| | | | | | | 5. RSA keypair |
+| | | | | | | 6. EC Public key |
+| | | | | | | 7. EC keypair |
+| | | | | PSA_ERROR_EMPTY_SLOT | | Empty key slot |
+| | | | | PSA_ERROR_NOT_PERMITTED | | Incorrect usage |
+| | test_c033 | psa_cipher_decrypt_setup | Set the key for a multipart symmetric decryption operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. HMAC SHA 224 |
+| | | | | | 2. Initialize a key policy structure | 2. HMAC SHA 256 |
+| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. HMAC SHA 512 |
+| | | | | | 4. Set the usage policy on a key slot | 4. CMAC AES 128 |
+| | | | | | 5. Import the key data into the key slot | 5. HMAC truncated |
+| | | | | | 6. Set the key for a multipart symmetric decryption operation | 6. Multiple abort |
+| | | | | | | 7. psa_mac_finish after psa_mac_abort should return failure |
+| | | | | PSA_ERROR_NOT_SUPPORTED | | 1. 16 Byte raw data |
+| | | | | | | 2. Unknown cipher algorithm |
+| | | | | | | 3. Incompatible key ARC4 |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Not a cipher algorithm |
+| | | | | | | 2. Invalid key slot |
+| | | | | | | 3. Zero as key slot |
+| | | | | | | 4. RSA public key |
+| | | | | | | 5. RSA keypair |
+| | | | | | | 6. EC Public key |
+| | | | | | | 7. EC keypair |
+| | | | | PSA_ERROR_EMPTY_SLOT | | Empty key slot |
+| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid usage |
+| | test_c034 | psa_cipher_generate_iv | Generate an IV for a symmetric encryption operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES |
+| | | | | | 2. Initialize a key policy structure | 2. 24 Byte AES |
+| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. 32 Byte AES |
+| | | | | | 4. Set the usage policy on a key slot | 4. DES 64 bit key |
+| | | | | | 5. Import the key data into the key slot | 5. Triple DES 2-Key |
+| | | | | | 6. Set the key for a multipart symmetric encryption operation | 6. Triple DES 3-Key |
+| | | | | | 7. Generate an IV for a symmetric encryption operation | 7. AES - large iv buffer |
+| | | | | | 8. Check that if generated iv length match the expected length | 8. DES - large iv buffer |
+| | | | | | 9. Check that if generated iv are zero | |
+| | | | | | 10. Generating an IV for a symmetric encryption operation using the same operator should fail | |
+| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | 1. AES - small iv buffer |
+| | | | | | | 2. DES - small iv buffer |
+| | test_c035 | psa_cipher_set_iv | Set the IV for a symmetric encryption or decryption operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. 16 Byte AES |
+| | | | | | 2. Initialize a key policy structure | 2. 24 Byte AES |
+| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. 32 Byte AES |
+| | | | | | 4. Set the usage policy on a key slot | 4. DES 64 bit key |
+| | | | | | 5. Import the key data into the key slot | 5. Triple DES 2-Key |
+| | | | | | 6. Set the key for a multipart symmetric encryption/decryption operation | 6. Triple DES 3-Key |
+| | | | | | 7. Set an IV for a symmetric encryption/decryption operation | |
+| | | | | | 8. Check that if generated iv length match the expected length | |
+| | | | | | 9. Check that if generated iv are zero | |
+| | | | | | 10. Setting an IV for a symmetric encryption/decryption operation using the same operator should fail | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. AES - small iv buffer 2. DES - small iv buffer 3. AES - large iv buffer 4. DES - large iv buffer |
+| | test_c036 | psa_cipher_update | Encrypt or decrypt a message fragment in an active cipher operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES CBC_NO_PADDING |
+| | | | | | 2. Initialize a key policy structure | 2. AES CBC_NO_PADDING (Short input) |
+| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. AES CBC_PKCS7 |
+| | | | | | 4. Set the usage policy on a key slot | 4. AES CBC_PKCS7 (Short input) |
+| | | | | | 5. Import the key data into the key slot | 5. AES CTR |
+| | | | | | 6. Set the key for a multipart symmetric encryption operation | 6. DES CBC (nopad) |
+| | | | | | 7. Set an IV for a symmetric encryption operation | 7. 2-key 3DE -CBC (nopad) |
+| | | | | | 8. Encrypt or decrypt a message fragment in an active cipher operation | 8. 3-key 3DE -CBC (nopad) |
+| | | | | | 9. Check if the output length matches the expected length | |
+| | | | | | 10. Check if the output data matches the expected data | |
+| | | | | | 11. Encrypt or decrypt a message fragment in an invalid cipher operation should fail | |
+| | | | | PSA_ERROR_BAD_STATE | Encrypt or decrypt a message fragment in an invalid cipher operation should fail | Invalid operation as input |
+| | test_c037 | psa_cipher_finish | Finish encrypting or decrypting a message in a cipher operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. AES CBC_NO_PADDING |
+| | | | | | 2. Initialize a key policy structure | 2. AES CBC_NO_PADDING (Short input) |
+| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. AES CBC_PKCS7 |
+| | | | | | 4. Set the usage policy on a key slot | 4. AES CBC_PKCS7 (Short input) |
+| | | | | | 5. Import the key data into the key slot | 5. AES CTR |
+| | | | | | 6. Set the key for a multipart symmetric encryption operation | 6. DES CBC (nopad) |
+| | | | | | 7. Set an IV for a symmetric encryption operation | 7. 2-key 3DE -CBC (nopad) |
+| | | | | | 8. Encrypt or decrypt a message fragment in an active cipher operation | 8. 3-key 3DE -CBC (nopad) |
+| | | | | | 9. Finish encrypting or decrypting a message in a cipher operation | |
+| | | | | | 10. Check if the output length matches the expected length | |
+| | | | | | 11. Check if the output data matches the expected data | |
+| | | | | | 12. Finish encrypting or decrypting a message using an invalid operation should fail | |
+| | | | | PSA_ERROR_BAD_STATE | Encrypt or decrypt a message fragment in an invalid cipher operation should fail | Invalid operation as input |
+| | test_c038 | psa_cipher_abort | Abort a cipher operation | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. Encrypt - AES CBC_NO_PADDING |
+| | | | | | 2. Initialize a key policy structure | 2. Encrypt - AES CBC_PKCS7 |
+| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. Encrypt - AES CTR |
+| | | | | | 4. Set the usage policy on a key slot | 4. Encrypt - DES CBC (nopad) |
+| | | | | | 5. Import the key data into the key slot | 5. Encrypt - 2-key 3DE -CBC (nopad) |
+| | | | | | 6. Set the key for a multipart symmetric encryption/decryption operation | 6. Encrypt - 3-key 3DE -CBC (nopad) |
+| | | | | | 7. Abort a cipher operation | 7. Decrypt - AES CBC_NO_PADDING |
+| | | | | | 8. Multiple abort cipher operation should return success | 8. Decrypt - AES CBC_PKCS7 |
+| | | | | | | 9. Decrypt - AES CTR |
+| | | | | | | 10. Decrypt - DES CBC (nopad) |
+| | | | | | | 11. Decrypt - 2-key 3DE -CBC (nopad) |
+| | | | | | | 12. Decrypt - 3-key 3DE -CBC (nopad) |
+| | | | | | | 13. psa_cipher_update after psa_cipher_abort should fail |
+| Asymmetric Cryptography | test_c039 | psa_asymmetric_encrypt | Encrypt a short message with a public key | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. RSA PKCS1V15 |
+| | | | | | 2. Initialize a key policy structure | 2. RSA OAEP SHA256 |
+| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. RSA OAEP SHA256 with label |
+| | | | | | 4. Set the usage policy on a key slot | 4. RSA KEYPAIR PKCS1V15 |
+| | | | | | 5. Import the key data into the key slot | |
+| | | | | | 6. Encrypt a short message with a public key | |
+| | | | | | 7. Check if the output length matches with the expected output length | |
+| | | | | | 8. Decrypt the cipher text | |
+| | | | | | 9. Check if the output length matches with the input length | |
+| | | | | | 10. Check if the output matches with the given input data | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Small output buffer |
+| | | | | | | 2. Invalid algorithm |
+| | | | | | | 3. Invalid key type |
+| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Invalid key slot </br>2. Zero key slot |
+| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid usage |
+| | | | | PSA_ERROR_EMPTY_SLOT | | Empty key slot |
+| | test_c040 | psa_asymmetric_decrypt | Decrypt a short message with a private key | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. RSA KEYPAIR PKCS1V15 |
+| | | | | | 2. Initialize a key policy structure | 2. RSA KEYPAIR OAEP SHA256 |
+| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. RSA KEYPAIR OAEP SHA256 with label |
+| | | | | | 4. Set the usage policy on a key slot | |
+| | | | | | 5. Import the key data into the key slot | |
+| | | | | | 6. Decrypt a short message with a private key | |
+| | | | | | 7. Check if the output length matches with the expected length | |
+| | | | | | 8. Check if the output matches with the expected data | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Invalid key type (RSA public key) |
+| | | | | | | 2. Invalid algorithm |
+| | | | | | | 3. Invalid key type (AES Key) |
+| | | | | PSA_ERROR_EMPTY_SLOT | | Empty key slot |
+| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid usage |
+| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Invalid key slot </br>2. Zero key slot |
+| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small output buffer |
+| | test_c041 | psa_asymmetric_sign | Sign a hash or short message with a private key | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. RSA KEYPAIR PKCS1V15 RAW |
+| | | | | | 2. Initialize a key policy structure | 2. RSA KEYPAIR PKCS1V15 SHA-256 |
+| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. ECDSA KEYPAIR SECP256R1 SHA-256 |
+| | | | | | 4. Set the usage policy on a key slot | |
+| | | | | | 5. Import the key data into the key slot | |
+| | | | | | 6. Sign a hash or short message with a private key | |
+| | | | | | 7. Check if the output length matches with the expected length | |
+| | | | | | 8. Check if the output matches with the expected data | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Invalid key type (RSA public key) |
+| | | | | | | 2. Invalid algorithm |
+| | | | | | | 3. Invalid key type (AES Key) |
+| | | | | | | 4. Wrong hash size |
+| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Invalid key slot </br>2. Zero key slot |
+| | | | | PSA_ERROR_EMPTY_SLOT | | Empty key slot |
+| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid usage |
+| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small output buffer |
+| | test_c042 | psa_asymmetric_verify | Verify the signature a hash or short message using a public key | PSA_SUCCESS | 1. Initialize the PSA crypto library | 1. RSA KEYPAIR PKCS1V15 RAW |
+| | | | | | 2. Initialize a key policy structure | 2. RSA KEYPAIR PKCS1V15 SHA-256 |
+| | | | | | 3. Allocate a key slot for a transient key and set the standard fields of a policy structure | 3. ECDSA KEYPAIR SECP256R1 SHA-256 |
+| | | | | | 4. Set the key data based on key type | 4. RSA public key |
+| | | | | | 5. Set the usage policy on a key slot | 5. EC public key |
+| | | | | | 6. Import the key data into the key slot | |
+| | | | | | 7. Verify the signature a hash or short message using a public key | |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | | 1. Invalid algorithm |
+| | | | | | | 2. Wrong hash size |
+| | | | | PSA_ERROR_INVALID_HANDLE | | 1. Invalid key slot </br>2. Zero key slot |
+| | | | | PSA_ERROR_INVALID_SIGNATURE | | Wrong signature size |
+| | | | | | | Wrong signature |
+| | | | | PSA_ERROR_EMPTY_SLOT | | Empty key slot |
+| | | | | PSA_ERROR_NOT_PERMITTED | | Invalid usage |
+| | | | | PSA_ERROR_NOT_SUPPORTED | | Invalid key type (AES Key) |
+| | | | | PSA_ERROR_BUFFER_TOO_SMALL | | Small output buffer |
-# License
+## License
Arm PSA test suite is distributed under Apache v2.0 License.
--------------
-*Copyright (c) 2018, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2018-2019, Arm Limited and Contributors. All rights reserved.*
diff --git a/api-tests/docs/psa_ipc_testlist.md b/api-tests/docs/psa_ipc_testlist.md
index 563a371..fd32425 100644
--- a/api-tests/docs/psa_ipc_testlist.md
+++ b/api-tests/docs/psa_ipc_testlist.md
@@ -1,109 +1,110 @@
# PSA FF IPC Testcase checklist
-| Tests | Scenario rules | Client- Server Test Functions Pair | Test Algorithm/Comments/ Test limitation | PSA API crosses | Covered or to be covered in release |
-|------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------|--------------------------------------|
-| test_i001 | 1. psa_framework_version(): Retrieve the version of the PSA Framework API that is implemented. | [client/server]_test_psa_framework_version() | Call the psa_framework_version() API at both side SPE and NSPE and check the return value. | psa_framework_version | Alpha |
-| | 1. psa_version() returns PSA_VERSION_NONE when the RoT Service is not implemented, or the caller is not permitted to access the service OR return > 0 with the minor version of the implemented RoT Service. | [client/server]_test_psa_version() | 1. Pass un-implemented SID and expects PSA_VERSION_NONE as return value. <br />2. Call to API from NSPE with a SID who doesn't provide service to NSPE and expects PSA_VERSION_NONE as return value. <br />3. Pass SID who is implemented and provides service to NSPE and expect minor number(>0) of given RoT service as return. <br />Perform all above checks from SPE too. | psa_version | Alpha |
-| test_i002 | 1. psa_connect() returns the PSA_CONNECTION_BUSY when RoT Service cannot make the connection at the moment (transient error). <br />2. psa_connect() returns the PSA_CONNECTION_REFUSED when RoT Service has refused the connection <br />3. psa_wait() returns the Secure Partition interrupt signals that have been asserted from a subset of signals provided by the caller. Returns > 0 when at least one signal is asserted <br />4. psa_get():Get the message which corresponds to a given RoT Service signal and remove the message from the queue. <br />5. psa_get() returns PSA_SUCCESS when *msg will contain the delivered message. <br />6. The type member of the psa_msg_t object should return PSA_IPC_CONNECT for a new connection request following a psa_get() call to psa_connect() and msg.handle must be positive. <br />7. psa_reply(): If the message type is PSA_IPC_CONNECT then server can reject the connection by sending PSA_CONNECTION_REFUSED (permanent error) or PSA_CONNECTION_BUSY (transient error) status code. <br /> | [client/server]_test_connection_busy_and_reject() | 1. Client tries to connect to ROT service using psa_connect() <br />2. RoT service checks the delivery of PSA_IPC_CONNECT message type and positive handle value returned by psa_get() <br />3. RoT service rejects the connection by executing psa_reply(handle,PSA_CONNECTION_BUSY) <br />4. Client tries to connect to same ROT service using psa_connect() again <br />5. This time, RoT service rejects the connection by executing psa_reply(handle,PSA_CONNECTION_REFUSED) <br />Perform all above steps from NSPE and SPE both. | psa_connect,psa_wait,psa_get,psa_reply | Alpha |
-| | 1. psa_connect(): When SID is implemented and client is permitted to access the service, SPM delivers a PSA_IPC_CONNECT message from the client to the Secure Partition that implements the RoT Service and positive handle is returned to client. <br />2. psa_get():Get the message which corresponds to a given RoT Service signal and remove the message from the queue. <br />3. psa_get() returns PSA_SUCCESS when *msg will contain the delivered message <br />4. psa_get():The type member of the psa_msg_t object should return PSA_IPC_CONNECT for a new connection request following a psa_get() call to psa_connect() and msg.handle must be positive. <br />5. psa_get(): The type member of the psa_msg_t object should return PSA_IPC_DISCONNECT for a new connection request following a psa_get() call to psa_close() and msg.handle must be positive. <br />6. psa_reply(): If the message type is PSA_IPC_CONNECT then server can accept the connection by sending PSA_SUCCESS status code. If the message type is PSA_IPC_DISCONNECT then the status code is ignored. <br />7. psa_close(): Closes a connection to a RoT Service. Sends the PSA_IPC_DISCONNECT message to the RoT Service. This function will have no effect if called with the null handle. <br /> | [client/server]_test_accept_and_close_connect() | 1.Client tries to connect to ROT service <br /> 2. RoT service checks the delivery of PSA_IPC_CONNECT message type and positive handle value return by psa_get() <br />3. RoT service accepts the connection by executing psa_reply(.., PSA_CONNECTION_ACCEPTED). <br />4. Client calls the psa_close with PSA_NULL_HANDLE and later it closes the connection using psa_close() with actual handle value <br />5. RoT service checks the delivery of PSA_IPC_DISCONNECT message type, checks handle value eqaul to NULL returned by psa_get() and completes the PSA_IPC_DISCONNECT by executing psa_reply() . <br />Perform all above steps from NSPE and SPE both. | psa_connect,psa_wait,psa_get,psa_reply,psa_close | Alpha |
-| | Following are allowed minor version condition to psa_connect(): <br /> 1. Version policy is not mentioned and requested version is 1 which is default minimum version <br />2. Version policy is STRICT and requested version equals minimum version <br />3. Version policy is relaxed and requested version is smaller than the minimum version <br /> 4. Version policy is relaxed and requested version is euqal to the minimum version <br /> | [client/server]_test_connect_with_allowed_minor_version_policy() | Client tries connecting ROT service of following properties and expects connection to establish: <br /> - Version policy is not mentioned and requested version is 1 which is default minimum version <br /> - Version policy is STRICT and requested version equals minimum version <br /> - Version policy is relaxed and requested version is smaller than the minimum version <br /> - Version policy is relaxed and requested version is equal to the minimum version <br />Perform all above steps from NSPE and SPE both. | psa_connect | Alpha |
-| | 1. psa_call(): The valid psa_call, make SPM to send PSA_IPC_CALL msg.type to the RoT servicee partition and the successful call should return >=0 handle value. <br />2. psa_call() receives return value >= 0 for RoT-specific return code <br />3. psa_call() receive return value < 0 for RoT-specific error code <br />4. psa_reply(): If the message type is PSA_IPC_CALL and ROT service want to end call with success then the return code must be PSA_SUCCESS or and positive integers are used to indicate RoT Service specific result values(this must be reported to client). All other return codes (INT32_MIN+128 to -1) are reported to the client. | [client/server]_test_psa_call_with_allowed_status_code() | 1. Client connects to RoT service <br />2. Client sends message using psa_call() <br />3. RoT service checks the delivery of PSA_IPC_CALL message type and positive handle value return by psa_get() <br />4. RoT service ends the call using psa_reply(status_code) <br />5. Client checks the return value of psa_call() and Client closes the connectionRepeat (1) to (5) for different status code, SUCCESS, +ve, -ve.. <br />Perform all above steps from NSPE and SPE both. | psa_call,psa_reply | Alpha |
-| | 1. A msg.client_id that has a positive value indicates that the client is in the SPE and this the Secure Partition ID of the client. A negative client_id indicates that the client is in the NSPE. <br />2. Client_id is valid during PSA_IPC_CONNECT, PSA_IPC_CALL and PSA_IPC_DISCONNECT msg type. <br />3. Manifest Parameter- name (required, unique) <br />A Partition must have an alphanumeric name for source code to directly refer to a specific Partition. The format of the name must follow the rules of a C macro. <br />4. Manifest Parameter - id (required, unique) <br />It must be represented by a hexadecimal string. The Secure Partition ID can be referenced in Secure Partition source code via the symbolic name specified as name attribute. The symbol must have the value of the Secure Partition ID. <br /> | [client/server]_test_identity() | - Check the value returned by msg.client_id during PSA_IPC_CONNECT, PSA_IPC_CALL and PSA_IPC_DISCONNECT. For NSPE connection, client_id should be <0 and for SPE, it should be >0. <br />Perform all above steps from NSPE and SPE both. <br />- Access the Partition ID of client partition and compare the value with expected ID value. | psa_get | Alpha |
-| | 1. psa_connect() will return the PSA_CONNECTION_REFUSED OR PSA_CONNECTION_BUSY when the SPM has reached the limit of concurrent connections | [client/server]_test_spm_concurrent_connect_limit() | Execute psa_connect() API in a loop until it returns PSA_CONNECTION_REFUSED or PSA_CONNECTION_BUSY <br />Perform above step from NSPE and SPE both. | psa_connect | Alpha |
-| | 1. psa_wait(): When MODE(PSA_BLOCK) is one, the function will block the caller until one of the requested signals is asserted. <br />2. psa_wait(): Callers must set RES to zero, implementations must ignore the value of RES. <br /> | [client/server]_test_psa_block_behave() | 1. Client connects to a RoT service mutilpe times. <br />2. RoT service psa_wait(PSA_BLOCK|(Non-zero value for timeout[30:0])) API is executed without while(1) loop. <br />3. RoT service serves the connections by rejecting them. <br />This is a sanity check, a successful handshaking between client and server for requested connection represents check pass. <br />Perform above steps from NSPE and SPE both. | psa_wait | Alpha |
-| | 1. psa_wait(): When MODE is zero, the function will return immediately with the current signal state, which can be zero if no signals are active. | [client/server]_test_psa_poll_behave() | 1. Client connects to a RoT service mutilpe times. <br />2. RoT service executes psa_wait(PSA_POLL) in a while loop and checks the API's polling behaviour. <br />3. Call psa_wait(PSA_POLL) when no request is made by client and checks the return value. <br />Perform above steps from NSPE and SPE both. | psa_wait | Alpha |
-| | 1. psa_wait() returns the Secure Partition interrupt signals that have been asserted from the subset of signals indicated in the bitmask provided. The mask must contain the set of signals the caller is interested in handling. | [client/server]_test_psa_wait_bitmask_behave() | 1. Client connects to a RoT service mutilpe times with different SID <br />2. RoT service executes psa_wait with necessary signal_mask <br />3. RoT service checks that returned signal value is subset of signals indicated in the signal_mask <br />Perform above steps from NSPE and SPE both. | psa_wait | Alpha |
-| test_i003 | 1. The reverse handle for a connection is NULL until psa_set_rhandle() is used. psa_set_rhandle() can be used to associate some caller-provided private data with a specified client connection. And SPM must provide same rhandle for msg.rhandle with all subsequent messages delivered on this connection. On success the rhandle is retained by the implementation and provided in all future messages on that connection as part of the psa_msg_t structure. <br />2. Setting the rhandle for a connection during disconnection has no observable effect. | [client/server]_test_psa_set_rhandle() | 1. Client connects to RoT service and RoT service checks the value of msg.rhanlde value duing PSA_IPC_CONNECT2. Client send call msg to RoT service and RoT service checks the value of msg.rhanlde value duing PSA_IPC_CONNECT <br />3. ROT service sets the rhandle with known value. <br />4. Client send call msg to RoT service and RoT service now compare the value of msg.rhanndle with previously set value <br />5. ROT service sets the rhandle with known value other than previously set value <br />6. Client send call msg to RoT service and RoT service now compare the value of msg.rhanndle with last set value <br />7. The reverse handle for a connection is NULL until psa_set_rhandle() is used <br />Perform above steps from NSPE and SPE both. | psa_set_rhandle,psa_get | Alpha |
-| | 1. psa_call():The caller can optionally provide one or more buffers to receive a response (out_vec). <br />2. psa_get(): The array in_size provides the size of each client input vector in bytes. The array out_size provides the size of each client output vector in bytes. <br />3. psa_read(): parameter from the client input vector. Streams up to the next num_bytes bytes of client input vector invec_idx in the message identified by msg_handle to the Secure Partition buffer. Returns the number of bytes copied. <br />4. psa_read(): If num_bytes is less than or equal to the available data in the input vector then num_bytes are copied to buffer, and the remaining data in the input vector can be read by subsequent calls to psa_read() with the same msg_handle and invec_idx. <br />5. psa_read(): RoT Services can determine how much data is available to read from the message based on the in_size[] attribute of the psa_msg_t message returned from psa_get(). If an input vector has not been passed by the client then the corresponding in_size[] for that vector is zero. <br />6. psa_read(): If num_bytes is greater than the remaining data in the input vector then the remaining input bytes are copied to buffer and the call returns the number of bytes copied. Any space after this in buffer is not modified. Subsequent calls of psa_read() or psa_skip() with the same message input vector will report that there is no more data in the vector. <br />7. psa_skip(): Skip over part of a client input vector. Advances the current read offset by skipping up to num_bytes bytes for input vector invec_idx in the message identified by msg_handle. psa_skip(): When psa_skip returns, it returns with the number of bytes skipped <br />8. psa_skip(): If There was no remaining data in this input vector, return zero <br />9.psa_skip(): If num_bytes is greater than the remaining size of the input vector then the remaining size of the input vector is returned. Subsequent calls of psa_read() or psa_skip() with the same message input vector will report that there is no more data in the vector. <br /> | [client/server]_test_call_read_and_skip() | 1.Client connects to RoT service <br />2.Client sends four input vectors to RoT service using psa_call <br />3. RoT service checks following: <br /> - Reporting of input vectors size through msg.in_size <br /> - Input vectors content reading through psa_read <br /> -Inbound /Outbound offset reading <br /> -Inbound/Outbound offset skipping <br /> -Zero byte read and skip <br /> -out_len=0 check <br />4. Client recieves the status of RoT service checks and closes the connection <br />Perform above steps from NSPE and SPE both. | psa_call,psa_read,psa_skip,psa_get, | Alpha |
-| | 1. psa_call(): The caller can optionally provide one or more buffers to receive a response (out_vec). On return from psa_call() the len value will have been updated to indicate the number of bytes of data written to the buffer by the RoT Service. <br />2. psa_write(): Appends num_bytes of data from buffer to the client output vector outvec_idx in the message identified by msg_handle. Sequential calls using the same msg_handle and outvec_idx will be concatenated in the output vector | [client/server]_test_call_and_write() | 1. Client connects to RoT service <br />2. Client sends four output vectors to RoT service using psa_call <br />3. RoT service checks following: <br /> - Reporting of output vectors size through msg.out_size <br /> - in_len=0 check <br /> - zero byte write <br /> - Out vector writes using psa_write <br /> - Vector write concatenation <br />4. Client recieves the status of RoT service checks, cross check the content of out vectors and closes the connection <br />Perform above steps from NSPE and SPE both. | psa_call,psa_get,psa_write | Alpha |
-| | 1. psa_call(): Any I/O vector of length zero is permitted and will be treated as an empty or non-existent vector by the framework. When less than four vectors are provided to psa_call() for either input or output, then the remaining vectors have zero length and the in_size and out_size elements for these vectors will be zero. <br />2. psa_call(): If in_len is zero then in_vec is ignored <br />3. sa_call(): If out_len is zero then out_vec is ignored <br />4. psa_get(): If an input and output vector has not been passed by the client then the corresponding in_size[] and out_size[] for that vector is zero. | [client/server]_test_zero_length_invec()[client/server]_test_zero_length_outvec() | Test zero lenth input vector: <br />1. Client connects to RoT service <br />2. Client sends three input and one outvec vectors to RoT service using psa_call - invec 0 as zero length vector, invec 1 as NULL and invec 2 and outvec 0 as non-zero length vector <br />3. RoT service checks size of each vectors reported through msg.in_size and msg.out_size <br />4. Client recieves the status of checks and closes the connection <br />Test zero lenth output vector: <br />1. Client connects to RoT service <br />2. Client sends one input and three outvec vectorsto RoT service using psa_call - outvec 0 as zero length vector, outvec 0 as NULL and invec 0 and outvec 2 as non-zero length vector <br />3. RoT service checks size of each vectors reported through msg.in_size and msg.out_size <br />4. Client recieves the status of checks and closes the connection <br />Perform above steps from NSPE and SPE both. | psa_call,psa_get | Alpha |
-| | 1. When client provides an input and output vectors which are referencing to same memory location, a psa_read after psa_write to the same memory location can return original or modified value. <br />2. When client provides an input and output vectors which are referencing to same memory location, a psa_write(s) to both memory vectors can return either the 1st or the 2nd value written. | [client/server]_test_overlapping_vectors | 1. Client provides one input and 2 output vectors which are pointing to same location. <br />2. RoT service performs read after write operation on to outvec-0 and expects return value either modified one or the original <br />3. RoT service performs write operation to outvec-1 and unblock the connection. The write performed is to mimic write after write operatio to the overlapping vector. <br />4. Client check the value of outvec. The value should be either the value written by first psa_write or the second psa_write. | psa_call,psa_write,psa_read | Alpha |
-| test_i004 | psa_connect() does not return if RoT Service does not exist on platform | [client/server]_test_sid_does_not_exists() | Call psa_connect with SID which does not exist on a platform <br />Perform above step from NSPE and SPE both. | psa_connect | Alpha |
-| test_i005 | psa_connect() does not return if Version policy is STRICT and requested version is HIGHER than minimum version | [client/server]_test_strict_policy_higher_minor_version() | call psa_connect with SID whose Version policy is STRICT and requested minor version is HIGHER than minimum version. <br />Perform above step from NSPE and SPE both. | psa_connect | Alpha |
-| test_i006 | psa_connect() does not return if Version policy is STRICT and requested version lower than minimum version | [client/server]_test_strict_policy_lower_minor_version() | call psa_connect with SID whose Version policy is STRICT and requested minor version is Lower than minimum version. <br />Perform above step from NSPE and SPE both. | psa_connect | Alpha |
-| test_i007 | psa_connect() does not return if Version policy is RELAXED and requested version is bigger than minimum version | [client/server]_test_relax_policy_higher_minor_version() | call psa_connect with SID whose Version policy is RELAXED and requested minor version is HIGHER than minimum version. <br />Perform above step from NSPE and SPE both. | psa_connect | Alpha |
-| test_i008 | 1. psa_connect() does not return if Service to non_secure_client is not available <br />2. Manifest parameter - The non_secure_clients field contains a boolean to indicate if it is accessible to NSPE clients. RoT Services are always accessible to SPE clients. | [client/server]_test_secure_access_only_connection() | Call psa_connect with SID which allow secure only connection. <br />Perform above step from NSPE and SPE both. | psa_connect | Alpha |
-| test_i009 | 1. psa_connect() does not return if SID is not mentioned in dependencies field. <br />2. Manifest parameter- dependencies (optional) <br />If access between a Secure Partition (acting as client) and a RoT Service (acting as server) is not specified in the manifest, then the client is not permitted to connect to the RoT Service. | [client/server]_test_unextern_sid_connection() | Call psa_connect with SID which is not mentioned as external SID in manifest. | psa_connect | Alpha |
-| test_i010 | It is not required for the minor_version or minor_policy attributes to be specified. If they are not specified in the manifest, the RoT Service will have default attributes of minor_version=1 and minor_policy="STRICT". psa_connect() does not return if requested version higher than minimum version | [client/server]_test_unspecified_policy_with_higher_minor_ver() | Call psa_connect with SID whose Version policy is not mentioned and requested minor version is HIGHER than minimum version. <br />Perform above step from NSPE and SPE both. | psa_connect | Alpha |
-| test_i011 | It is not required for the minor_version or minor_policy attributes to be specified. If they are not specified in the manifest, the RoT Service will have default attributes of minor_version=1 and minor_policy="STRICT". psa_connect() does not return if requested version lower than minimum version | [client/server]_test_unspecified_policy_with_lower_minor_ver() | Call psa_connect with SID whose Version policy is not mentioned and requested minor version is lower than minimum version. <br />Perform above step from NSPE and SPE both. | psa_connect | Alpha |
-| test_i012 | psa_close() does not return if an invalid handle was provided that is not the null handle | [client/server]_test_psa_close_with_invalid_handle() | Call psa_close with INVALID_HANDLE which is not NULL. <br />Perform above step from NSPE and SPE both. | psa_close | Alpha |
-| test_i013 | psa_get() does not return if signal has more than a single bit set | [client/server]_test_psa_get_with_more_than_one_signal() | Call psa_get with a signal who has more than a single bit set | psa_get | Alpha |
-| test_i014 | After a RoT Service message is signaled, psa_get() function is used to retrieve the message details. Each message can only be retrieved once. | [client/server]_test_psa_get_called_twice() | Call psa_get with a valid signal back to back. | psa_get | Alpha |
-| test_i015 | psa_get() does not return if signal does not correspond to a RoT Service | [client/server]_test_psa_get_with_non_rot_signal() | Call psa_get with DOORBELL signal | psa_get | Alpha |
-| test_i016 | psa_get() does not return if The RoT Service signal is not currently asserted | [client/server]_test_psa_get_with_unasserted_signal() | Call psa_get with singal which is currently not asserted | psa_get | Alpha |
-| test_i017 | Each RoT Service listed creates a dependency from the client Partition to a server Partition. Within the resulting network of dependencies, there must be no circular dependencies between Secure Partitions. This would result in deadlock because the Service requests are always synchronous.For the same reason, a Secure Partition must not use a RoT Service that is defined within itself. Direct function calls must be used instead of IPC where there is a dependency between RoT Services within a single Secure Partition. | [client/server]_test_partition_calling_its_own_rot_service() | Partition calling its own ROT service using psa_connect. | psa_connect | Alpha |
-| test_i018 | psa_set_rhandle() does not return if an invalid message handle was provided | [client/server]_test_psa_set_rhandle_with_invalid_handle() | Call psa_set_rhanlde with an INVALID_HANDLE which is not NULL | psa_set_rhandle | Alpha |
-| test_i019 | psa_set_rhandle() does not return if Null handle was passed | [client/server]_test_psa_set_rhandle_with_null_handle() | Call psa_set_rhanlde with NULL handle | psa_set_rhandle | Alpha |
-| test_i020 | If messgae type if is PSA_IPC_CONNECT then use of status values in psa_reply() other than PSA_SUCCESS or PSA_CONNECTION_REFUSED is a fatal programming error | [client/server]_test_psa_reply_with_invalid_connect_status_code() | Call to psa_reply during PSA_IPC_CONNECT with status code other than PSA_SUCCESS and PSA_CONNECTION_REFUSED | psa_reply | Alpha |
-| test_i021 | If message type if PSA_IPC_CALL , the use of other reserved status codes in the range INT32_MIN+1 to INT32_MIN+127 for psa_reply() is a fatal programming error. | [client/server]_test_psa_reply_with_invalid_call_status_code() | Call to psa_reply during PSA_IPC_CALL with status code other than allowed code | psa_reply | Alpha |
-| test_i022 | psa_reply() does not return if the message handle is invalid | [client/server]_test_psa_reply_with_invalid_handle() | Call psa_reply with an INVALID_HANDLE which is not NULL | psa_reply | Alpha |
-| test_i023 | psa_reply() does not return if the message handle is Null handle | [client/server]_test_psa_reply_with_null_handle() | Call psa_reply with a NULL HANDLE | psa_reply | Alpha |
-| test_i024 | psa_call() does not return if an invalid handle was passed | [client/server]_test_psa_call_with_invalid_handle() | Call psa_call with an INVALID_HANDLE which is not NULL.Perform this step from NSPE and SPE both. | psa_call | Alpha |
-| test_i025 | psa_call() does not return if an null handle was passed | [client/server]_test_psa_call_with_null_handle() | Call psa_call with a NULL HANDLE. <br />Perform this step from NSPE and SPE both. | psa_call | Alpha |
-| test_i026 | psa_call() does not return if in_len + out_len > PSA_MAX_IOVEC | [client/server]_test_psa_call_with_iovec_more_than_max_limit() | Call psa_call with more than four IOVECs. <br />Perform this step from NSPE and SPE both. | psa_call | Alpha |
-| test_i027 | 1. psa_call() returns PSA_DROP_CONNECTION when the connection has been dropped by the RoT Service. This indicates that either this or a previous message was invalid(The SPM will implement one of the following behaviors in this situation:¿ this is a client fatal error and psa_call() will not return¿ psa_call() returning PSA_DROP_CONNECTION. In this case, all subsequent calls to psa_call() on this connection will immediately return PSA_DROP_CONNECTION and the connection must be closed) <br />2. psa_reply(): If the message type is PSA_IPC_CALL and the client has made an invalid request, then the RoT Service can request for the connection to be terminated by calling psa_reply() with return value PSA_DROP_CONNECTION. After this, the RoT Service will receive no further PSA_IPC_CALL messages on that connection. The SPM will deliver a PSA_IPC_DISCONNECT to the RoT Service to release any resources associated with that connection. | [client/server]_test_psa_drop_connection() | RoT service executes psa_reply with status code eqaul to PSA_DROP_CONNECTION during PSA_IPC_CALL.Client expects either PSA_DROP_CONNECTION as returned status code or does not return condition for psa_call. <br />Perform above steps from NSPE and SPE both. | psa_call | Alpha |
-| test_i028 | psa_read() does not return if msg_handle does not refer to a PSA_IPC_CALL message | [client/server]_test_psa_read_at_ipc_connect() | Call psa_read during PSA_IPC_CONNECT | psa_read | Alpha |
-| test_i029 | psa_read() does not return if msg_handle does not refer to a PSA_IPC_CALL message | [client/server]_test_psa_read_at_ipc_disconnect() | Call psa_read during PSA_IPC_DISCONNECT | psa_read | Alpha |
-| test_i030 | psa_read() does not return if Null handle was passed | [client/server]_test_psa_read_with_null_handle() | Call psa_read with NULL handle | psa_read | Alpha |
-| test_i031 | psa_read() does not return if Invalid handle was passed | [client/server]_test_psa_read_with_invalid_handle() | Calll psa_read with INVALID_HANDLE which is not NULL | psa_read | Alpha |
-| test_i032 | psa_read() does not return if invec_idx is equal to PSA_MAX_IOVEC | [client/server]_test_psa_read_with_invec_equal_to_max_iovec() | Call psa_read with invec_idx=PSA_MAX_IOVEC | psa_read | Alpha |
-| test_i033 | psa_read() does not return if invec_idx is greater than PSA_MAX_IOVEC | [client/server]_test_psa_read_with_invec_greater_than_max_iovec() | Call psa_read with invec_idx>PSA_MAX_IOVEC | psa_read | Alpha |
-| test_i034 | psa_skip() does not return if msg_handle does not refer to a PSA_IPC_CALL message | [client/server]_test_psa_skip_at_ipc_connect() | Call psa_skip during PSA_IPC_CONNECT | psa_skip | Alpha |
-| test_i035 | psa_skip() does not return if msg_handle does not refer to a PSA_IPC_CALL message | [client/server]_test_psa_skip_at_ipc_disconnect() | Call psa_skip during PSA_IPC_DISCONNECT | psa_skip | Alpha |
-| test_i036 | psa_skip() does not return if Null handle was passed | [client/server]_test_psa_skip_with_null_handle() | Call psa_skipwith NULL handle | psa_skip | Alpha |
-| test_i037 | psa_skip() does not return if Invalid handle was passed | [client/server]_test_psa_skip_with_invalid_handle() | Calll psa_skip with INVALID_HANDLE which is not NULL | psa_skip | Alpha |
-| test_i038 | psa_skip() does not return if invec_idx is equal to PSA_MAX_IOVEC | [client/server]_test_psa_skip_with_invec_equal_to_max_iovec() | Call psa_skip with invec_idx=PSA_MAX_IOVEC | psa_skip | Alpha |
-| test_i039 | psa_skip() does not return if invec_idx is greater than PSA_MAX_IOVEC | [client/server]_test_psa_skip_with_invec_greater_than_max_iovec() | Call psa_skip with invec_idx>PSA_MAX_IOVEC | psa_skip | Alpha |
-| test_i040 | psa_write() does not return if msg_handle does not refer to a PSA_IPC_CALL message | [client/server]_test_psa_write_at_ipc_connect() | Call psa_write during PSA_IPC_CONNECT | psa_write | Alpha |
-| test_i041 | psa_write() does not return if msg_handle does not refer to a PSA_IPC_CALL message | [client/server]_test_psa_write_at_ipc_disconnect() | Call psa_write during PSA_IPC_DISCONNECT | psa_write | Alpha |
-| test_i042 | psa_write() does not return if Null handle was passed | [client/server]_test_psa_write_with_null_handle() | Call psa_write with NULL handle | psa_write | Alpha |
-| test_i043 | psa_write() does not return if Invalid handle was passed | [client/server]_test_psa_write_with_invalid_handle() | Calll psa_write with INVALID_HANDLE which is not NULL | psa_write | Alpha |
-| test_i044 | psa_write() does not return if invec_idx is equal to PSA_MAX_IOVEC | [client/server]_test_psa_write_with_invec_equal_to_max_iovec() | Call psa_write with invec_idx=PSA_MAX_IOVEC | psa_write | Alpha |
-| test_i045 | psa_write() does not return if invec_idx is greater than PSA_MAX_IOVEC | [client/server]_test_psa_write_with_invec_greater_than_max_iovec() | Call psa_write with invec_idx>PSA_MAX_IOVEC | psa_write | Alpha |
-| test_i046 | psa_write() does not return if the call attempts to write data past the end of the client output vector | [client/server]_test_psa_write_with_size_overflow() | Call psa_write with a size input one byte bigger than allowed size | psa_write | Alpha |
-| | psa_get does not return if The msg pointer provided is not a valid memory reference | | | | To be covered in Beta |
-| | psa_call does not return if address of in_vec is invalid for client | | | | To be covered in Beta |
-| | psa_call does not return if address of out_vec is invalid for client | | | | To be covered in Beta |
-| | psa_call does not return if psa_invec.base address is invalid for client | | | | To be covered in Beta |
-| | psa_call does not return if psa_outvec.base address is invalid for client | | | | To be covered in Beta |
-| | psa_call does not return if psa_invec.base addr is valid but psa_invec.base+size address is invalid for client | | | | To be covered in Beta |
-| | psa_call does not return if psa_outvec.base addr is valid but psa_invec.base+sizeaddress is invalid for client | | | | To be covered in Beta |
-| | psa_get() returns PSA_ERR_NOMSG if the SPM cannot deliver a message to the Secure Partition following the assertion of the RoT Service signal. | | | | To be covered in Beta |
-| | psa_close doesnot return if The connection is already handling a request | | | | To be covered in Beta |
-| | psa_call doesnot return if The connection is already handling a request | | | | To be covered in Beta |
-| | psa_read does not return if the memory reference for buffer is invalid or not writable | | | | To be covered in Beta |
-| | psa_write does not return if the memory reference for buffer is invalid | | | | To be covered in Beta |
-| | psa_notify does not return if Partition ID does not correspond to a Secure Partition | | | | To be covered in Beta |
-| | psa_clear does not return if The Secure Partition¿s doorbell signal is not currently asserted | | | | To be covered in Beta |
-| | 1. psa_notify(): Sends a PSA_DOORBELL signal to a specific Secure Partition. The receiving partition should be expecting the assertion of their PSA_DOORBELL signal using psa_wait(). <br />2. psa_clear() clears the PSA_DOORBELL signal. <br />3. psa_clear(): The target Partition doorbell will remain asserted until it calls psa_clear(). | | | psa_notify,psa_wait,psa_clear | To be covered in Beta |
-| | 1. psa_wait() returns the Secure Partition interrupt signals that have been asserted from the subset of signals indicated in the bitmask provided. <br /> 2. psa_eoi():Informs the SPM that an interrupt has been handled (end of interrupt). This will re-enable the interrupt line. <br />3.psa_eoi(): A signal remains active until it is processed by psa_eoi <br />4. Manifest- irqs (optional, unique)This attribute is a list of IRQ lines which are assigned to the Secure Partition.A Secure Partition always has exclusive access to an assigned IRQ. Secure Partitions are not allowed to share IRQs with other Secure Partitions.Each IRQ specified must provide a signal field. This field contains a symbolic name for the signal, used by the SPM to indicate when the interrupt is asserted. For information about signals see Signals on page 23.Each IRQ line is declared as either of the following:¿ line_num: A valid IRQ number for the platform.¿ line_name: A named IRQ, represented by a string identifier. | | | psa_wait | To be covered in Beta |
-| | psa_wait() - Signals that are not in signal_mask should be ignored. | | | psa_wait | To be covered in Beta |
-| | psa_wait() does not return signal_mask does not include any assigned signals. | | | psa_wait | To be covered in Beta |
-| | psa_eoi does not return if irq_signal is not an interrupt signal | | | | To be covered in Beta |
-| | psa_eoi does not return if irq_signal indicates more than one signal | | | | To be covered in Beta |
-| | psa_eoi does not return if irq_signal is not currently asserted | | | | To be covered in Beta |
-| No explicit test | The SPM must eventually deliver all signals and IPC messages. | | No explicit test written to cover this rule. All PSA tests are written with the expectation that the SPM delivers all requested signals and IPC message in a timely fashion. Failure to provide this will result in simulation time out. | | Alpha |
-| | A Secure Partition is guaranteed to be able to execute and read its own code regions, read its own read-only data regionsand read and write its private stack, data, and heap regions | | | | To be covered in Beta |
-| | Isolation Level-1 rules - The SPM must ensure that no runtime state, data or devices that are part of the SPE can be accessed (read or written) by firmware or hardware in the NSPE. <br />Assets considered for verifying isolation rules: <br />- Local static data (static variable declared inside function) <br />- Global data and variables <br />- Heap data and Stack data <br />- MMIO regions <br /> | | From non-secure application, access(read/write) above assets of Application RoT and PSA RoT and expect transaction fail. | | To be covered in Beta |
-| | Isolation Level-2 rules- In addition to the Level 1 requirements, Level 2 firmware isolation requires - SPM must ensure that no runtime state, data or devices that are part of the PSA Root of Trust can be accessed (read or written) by firmware or hardware in the Application Root of Trust. | | In Addition to level-1 tests, perform following checks: <br />From Application RoT partition, access(read/write) PSA RoT (SPM and PSA RoT Partition) assets and expect transaction fail. | | To be covered in Beta |
-| | Isolation Level-3 rules - In addition to the Level 1 requirements, Level 3 firmware isolation requires: <br />¿ The SPM must ensure that no runtime state, data or devices that are part of the SPM can be accessed (read or written) by firmware or hardware in any Secure Partition. <br />¿ The SPM must ensure that no runtime state, data or devices that are part of a Secure Partition can be accessed (read or written) by firmware or hardware in any other Secure Partition. | | In Addition to level-1 and level 2 tests, perform following checks: <br />From Application secure partition, access(read/write) other Application secure partition asserts and expect transaction fail. | | To be covered in Beta |
-| No explicit test | Manifest Parameter - id (required, unique)A Secure Partition ID must be a non-zero positive 32-bit value. | | PSA IPC tests partition files will be provided with unique Partition ID which is non-zero positive and name field compliant to manifest rules. | | Alpha |
-| Out of scope | Secure Partition IDs must be fixed across updates | | Checking for Partition IDs across SPM updates is out of scope for PSA IPC tests. | | |
-| | Manifest Parameter- type (required) <br />Whether the Partition is a part of the PSA Root of Trust Services or is part of the Application Root of Trust Services.Type must be assigned one of the following values:- APPLICATION-ROT- PSA-ROT | | PSA IPC tests partition files will be provided with these field. Access permission related to these fields will be verified as part of tests covering isolation level rules. | | To be covered in Beta |
-| No explicit test | Manifest Parameter - description (optional) <br />This attribute contains a human-readable description and comments for the Secure Partition. | | PSA IPC tests partition files will be provided with these field with adhere to manifest rules | | To be covered in Beta |
-| Out of scope | Manifest Parameter - priority (required) <br />Partitions must be assigned one of the following priority groups:¿ HIGH¿ NORMAL¿ LOWLOW is the lowest priority. Priority is ignored by SPMs that do not implement any priority-based scheduling | | PSA IPC tests partition files are provided with priority field equal to LOW. Use of these fields are higly dependent on type of SPM scheduling policy and verifying scheduling policy is out of scope for IPC tests | | |
-| No explicit test | Manifest Parameter -entry_point (required, unique) <br />The Partition entry point in the form of an C function symbol. A single entry point must be provided. | | No explicit test written to cover this rule. PSA IPC tests manifests are provided with tests partition entry_point. A successful luanch and run of tests partition code indirectly verify this field. | | Alpha |
-| No explicit test | Manifest Parameter- stack_size (required) <br />Partition's stack size in bytes.The size value must be represented either as a positive integer or as a hexadecimal string. | | No explicit test written to cover this rule. PSA IPC tests manifests are provided with tests partition required stack_size. A successful run of tests partition code indirectly verify this field. | | Alpha |
-| | Manifest Parameter- heap_size (optional) <br />Partition's heap size in bytes. The size value must be represented either as a positive integer or as a hexadecimal string. If this field is not specified then the heap size must be set to 0. | | | | To be covered in Beta |
-| No explicit test | Manifest Parameter- linker_pattern(Required) <br />This attribute contains the minimum information required to link a Secure Partition¿s compiled static objects. It contains a mandatory sub attribute called object_list.The object_list is an explicit list of the expected binary objects of a Secure Partition once it is compiled. For example, this list may contain the names of the main entry-point binary and any other static library objects that the Secure Partition contains. | | No explicit test written to cover this rule. PSA IPC tests manifests are provided with linker_pattern filled with required tests partition object archives. A successful compilation and run of tests partition code indirectly verify this field. | | Alpha |
-| No explicit test | Manifest Parameter- RoT Services (optional, unique) <br />A Partition must declare all of the RoT Services that it implements. This includes at least four identifying pieces of information:¿ The sid field contains the SID value.¿ The signal field contains an alphanumeric string for use with psa_get().¿ The name field contains an alphanumeric string for use with psa_connect(). | | PSA IPC tests manifests are provided with these fields. A successful compilation and run of tests partition code indirectly verify this field. | | Alpha |
-| No explicit test | mmio_regions (optional, unique) <br />List of memory-mapped I/O region objects which the Secure Partition needs access to. A Secure Partition always has exclusive access to an MMIO region. Secure Partitions are not permitted to share MMIO regions with other Secure Partitions.An MMIO region can be defined either as a:¿ numbered_region¿ named_regionA numbered region consists of a base address and a size. The size must be represented either as a positive integer or as a hexadecimal string. The base address must be represented as a hexadecimal string.An MMIO region must include a permission attribute. The following permissions are available:¿ READ-ONLY¿ READ-WRITEMMIO regions must not overlap. | | PSA IPC tests device driver partition manifests are provided with these fields. A successful compilation and run of device driver partition code indirectly verify this field. Rules around sharing of MMIO regions can't be test as sharing of MMIO regions between secure partition will result into compilation fail.PSA tests partition relies on numbered_region only as named_region is subject to resolved in Implementation defined manner. | | To be covered in Beta |
-| No explicit test | Manifest Input - psa_framework_version - Version of the PSA Firmware Framework specification this manifest conforms to. | | PSA IPC tests manifests are provided with this field. A successful compilation and run of tests partition code indirectly verify this field. | | Alpha |
+| Tests | Scenario Rules | Client- Server Test Functions Pair | Test Algorithm/Comments/Test Limitation | PSA API Crosses | Is scenario implemented in this release? |
+|------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------|------------------------------------------|
+| test_i001 | 1. psa_framework_version(): Retrieve the version of the PSA Framework API that is implemented. Manifest field- psa_framework_version: Version of the PSA Firmware Framework specification this manifest conforms to. | [client/server]_test_psa_framework_version() | Call the psa_framework_version() API at both side SPE and NSPE and compare the return value with PSA_FRAMEWORK_VERSION. | psa_framework_version | Yes |
+| | 1. psa_version() returns PSA_VERSION_NONE when the RoT Service is not implemented, or the caller is not permitted to access the service OR return > 0 with the minor version of the implemented RoT Service. | [client/server]_test_psa_version() | 1. Pass un-implemented SID and expects PSA_VERSION_NONE as return value. <br />2. Call to API from NSPE with a SID who doesn't provide service to NSPE and expects PSA_VERSION_NONE as return value. <br />3. Pass SID who is implemented and provides service to NSPE and expect minor number(>0) of given RoT service as return. <br />Perform all above checks from SPE too. | psa_version | Yes |
+| test_i002 | 1. psa_connect() returns the PSA_CONNECTION_BUSY when RoT Service cannot make the connection at the moment (transient error). <br />2. psa_connect() returns the PSA_CONNECTION_REFUSED when RoT Service has refused the connection <br />3. psa_wait() returns the Secure Partition interrupt signals that have been asserted from a subset of signals provided by the caller. Returns > 0 when at least one signal is asserted <br />4. psa_get():Get the message which corresponds to a given RoT Service signal and remove the message from the queue. <br />5. psa_get() returns PSA_SUCCESS when *msg will contain the delivered message. <br />6. The type member of the psa_msg_t object should return PSA_IPC_CONNECT for a new connection request following a psa_get() call to psa_connect() and msg.handle must be positive. <br />7. psa_reply(): If the message type is PSA_IPC_CONNECT then server can reject the connection by sending PSA_CONNECTION_REFUSED (permanent error) or PSA_CONNECTION_BUSY (transient error) status code. <br /> | [client/server]_test_connection_busy_and_reject() | 1. Client tries to connect to ROT service using psa_connect() <br />2. RoT service checks the delivery of PSA_IPC_CONNECT message type and positive handle value returned by psa_get() <br />3. RoT service rejects the connection by executing psa_reply(handle,PSA_CONNECTION_BUSY) <br />4. Client tries to connect to same ROT service using psa_connect() again <br />5. This time, RoT service rejects the connection by executing psa_reply(handle,PSA_CONNECTION_REFUSED) <br />Perform all above steps from NSPE and SPE both. | psa_connect,psa_wait,psa_get,psa_reply | Yes |
+| | 1. psa_connect(): When SID is implemented and client is permitted to access the service, SPM delivers a PSA_IPC_CONNECT message from the client to the Secure Partition that implements the RoT Service and positive handle is returned to client. <br />2. psa_get():Get the message which corresponds to a given RoT Service signal and remove the message from the queue. <br />3. psa_get() returns PSA_SUCCESS when *msg will contain the delivered message <br />4. psa_get():The type member of the psa_msg_t object should return PSA_IPC_CONNECT for a new connection request following a psa_get() call to psa_connect() and msg.handle must be positive. <br />5. psa_get(): The type member of the psa_msg_t object should return PSA_IPC_DISCONNECT for a new connection request following a psa_get() call to psa_close() and msg.handle must be positive. <br />6. psa_reply(): If the message type is PSA_IPC_CONNECT then server can accept the connection by sending PSA_SUCCESS status code. If the message type is PSA_IPC_DISCONNECT then the status code is ignored. <br />7. psa_close(): Closes a connection to a RoT Service. Sends the PSA_IPC_DISCONNECT message to the RoT Service. This function will have no effect if called with the null handle. <br /> | [client/server]_test_accept_and_close_connect() | 1.Client tries to connect to ROT service <br /> 2. RoT service checks the delivery of PSA_IPC_CONNECT message type and positive handle value return by psa_get() <br />3. RoT service accepts the connection by executing psa_reply(.., PSA_CONNECTION_ACCEPTED). <br />4. Client calls the psa_close with PSA_NULL_HANDLE and later it closes the connection using psa_close() with actual handle value <br />5. RoT service checks the delivery of PSA_IPC_DISCONNECT message type, checks handle value eqaul to NULL returned by psa_get() and completes the PSA_IPC_DISCONNECT by executing psa_reply() . <br />Perform all above steps from NSPE and SPE both. | psa_connect,psa_wait,psa_get,psa_reply,psa_close | Yes |
+| | Following are allowed minor version condition to psa_connect(): <br /> 1. Version policy is not mentioned and requested version is 1 which is default minimum version <br />2. Version policy is STRICT and requested version equals minimum version <br />3. Version policy is relaxed and requested version is smaller than the minimum version <br /> 4. Version policy is relaxed and requested version is euqal to the minimum version <br /> | [client/server]_test_connect_with_allowed_minor_version_policy() | Client tries connecting ROT service of following properties and expects connection to establish: <br /> - Version policy is not mentioned and requested version is 1 which is default minimum version <br /> - Version policy is STRICT and requested version equals minimum version <br /> - Version policy is relaxed and requested version is smaller than the minimum version <br /> - Version policy is relaxed and requested version is equal to the minimum version <br />Perform all above steps from NSPE and SPE both. | psa_connect | Yes |
+| | 1. psa_call(): The valid psa_call, make SPM to send PSA_IPC_CALL msg.type to the RoT servicee partition and the successful call should return >=0 handle value. <br />2. psa_call() receives return value >= 0 for RoT-specific return code <br />3. psa_call() receive return value < 0 for RoT-specific error code <br />4. psa_reply(): If the message type is PSA_IPC_CALL and ROT service want to end call with success then the return code must be PSA_SUCCESS or and positive integers are used to indicate RoT Service specific result values(this must be reported to client). All other return codes (INT32_MIN+128 to -1) are reported to the client. | [client/server]_test_psa_call_with_allowed_status_code() | 1. Client connects to RoT service <br />2. Client sends message using psa_call() <br />3. RoT service checks the delivery of PSA_IPC_CALL message type and positive handle value return by psa_get() <br />4. RoT service ends the call using psa_reply(status_code) <br />5. Client checks the return value of psa_call() and Client closes the connectionRepeat (1) to (5) for different status code, SUCCESS, +ve, -ve.. <br />Perform all above steps from NSPE and SPE both. | psa_call,psa_reply | Yes |
+| | 1. A msg.client_id that has a positive value indicates that the client is in the SPE and this the Secure Partition ID of the client. A negative client_id indicates that the client is in the NSPE. <br />2. Client_id is valid during PSA_IPC_CONNECT, PSA_IPC_CALL and PSA_IPC_DISCONNECT msg type. <br />3. Manifest Parameter- name (required, unique) <br />A Partition must have an alphanumeric name for source code to directly refer to a specific Partition. The format of the name must follow the rules of a C macro. <br />4. Manifest Parameter - id (required, unique) <br />It must be represented by a hexadecimal string. The Secure Partition ID can be referenced in Secure Partition source code via the symbolic name specified as name attribute. The symbol must have the value of the Secure Partition ID. <br /> | [client/server]_test_identity() | - Check the value returned by msg.client_id during PSA_IPC_CONNECT, PSA_IPC_CALL and PSA_IPC_DISCONNECT. For NSPE connection, client_id should be <0 and for SPE, it should be >0. <br />Perform all above steps from NSPE and SPE both. <br />- Access the Partition ID of client partition and compare the value with expected ID value. | psa_get | Yes |
+| | 1. psa_connect() will return the PSA_CONNECTION_REFUSED OR PSA_CONNECTION_BUSY when the SPM has reached the limit of concurrent connections | [client/server]_test_spm_concurrent_connect_limit() | Execute psa_connect() API in a loop until it returns PSA_CONNECTION_REFUSED or PSA_CONNECTION_BUSY <br />Perform above step from NSPE and SPE both. | psa_connect | Yes |
+| | 1. psa_wait(): When MODE(PSA_BLOCK) is one, the function will block the caller until one of the requested signals is asserted. <br />2. psa_wait(): Callers must set RES to zero, implementations must ignore the value of RES. <br /> | [client/server]_test_psa_block_behave() | 1. Client connects to a RoT service mutilpe times. <br />2. RoT service psa_wait(PSA_BLOCK|(Non-zero value for timeout[30:0])) API is executed without while(1) loop. <br />3. RoT service serves the connections by rejecting them. <br />This is a sanity check, a successful handshaking between client and server for requested connection represents check pass. <br />Perform above steps from NSPE and SPE both. | psa_wait | Yes |
+| | 1. psa_wait(): When MODE is zero, the function will return immediately with the current signal state, which can be zero if no signals are active. | [client/server]_test_psa_poll_behave() | 1. Client connects to a RoT service mutilpe times. <br />2. RoT service executes psa_wait(PSA_POLL) in a while loop and checks the API's polling behaviour. <br />3. Call psa_wait(PSA_POLL) when no request is made by client and checks the return value. <br />Perform above steps from NSPE and SPE both. | psa_wait | Yes |
+| test_i003 | 1. The reverse handle for a connection is NULL until psa_set_rhandle() is used. psa_set_rhandle() can be used to associate some caller-provided private data with a specified client connection. And SPM must provide same rhandle for msg.rhandle with all subsequent messages delivered on this connection. On success the rhandle is retained by the implementation and provided in all future messages on that connection as part of the psa_msg_t structure. <br />2. Setting the rhandle for a connection during disconnection has no observable effect. | [client/server]_test_psa_set_rhandle() | 1. Client connects to RoT service and RoT service checks the value of msg.rhanlde value duing PSA_IPC_CONNECT2. Client send call msg to RoT service and RoT service checks the value of msg.rhanlde value duing PSA_IPC_CONNECT <br />3. ROT service sets the rhandle with known value. <br />4. Client send call msg to RoT service and RoT service now compare the value of msg.rhanndle with previously set value <br />5. ROT service sets the rhandle with known value other than previously set value <br />6. Client send call msg to RoT service and RoT service now compare the value of msg.rhanndle with last set value <br />7. The reverse handle for a connection is NULL until psa_set_rhandle() is used <br />Perform above steps from NSPE and SPE both. | psa_set_rhandle,psa_get | Yes |
+| | 1. psa_call():The caller can optionally provide one or more buffers to receive a response (out_vec). <br />2. psa_get(): The array in_size provides the size of each client input vector in bytes. The array out_size provides the size of each client output vector in bytes. <br />3. psa_read(): parameter from the client input vector. Streams up to the next num_bytes bytes of client input vector invec_idx in the message identified by msg_handle to the Secure Partition buffer. Returns the number of bytes copied. <br />4. psa_read(): If num_bytes is less than or equal to the available data in the input vector then num_bytes are copied to buffer, and the remaining data in the input vector can be read by subsequent calls to psa_read() with the same msg_handle and invec_idx. <br />5. psa_read(): RoT Services can determine how much data is available to read from the message based on the in_size[] attribute of the psa_msg_t message returned from psa_get(). If an input vector has not been passed by the client then the corresponding in_size[] for that vector is zero. <br />6. psa_read(): If num_bytes is greater than the remaining data in the input vector then the remaining input bytes are copied to buffer and the call returns the number of bytes copied. Any space after this in buffer is not modified. Subsequent calls of psa_read() or psa_skip() with the same message input vector will report that there is no more data in the vector. <br />7. psa_skip(): Skip over part of a client input vector. Advances the current read offset by skipping up to num_bytes bytes for input vector invec_idx in the message identified by msg_handle. psa_skip(): When psa_skip returns, it returns with the number of bytes skipped <br />8. psa_skip(): If There was no remaining data in this input vector, return zero <br />9.psa_skip(): If num_bytes is greater than the remaining size of the input vector then the remaining size of the input vector is returned. Subsequent calls of psa_read() or psa_skip() with the same message input vector will report that there is no more data in the vector. <br /> | [client/server]_test_call_read_and_skip() | 1.Client connects to RoT service <br />2.Client sends four input vectors to RoT service using psa_call <br />3. RoT service checks following: <br /> - Reporting of input vectors size through msg.in_size <br /> - Input vectors content reading through psa_read <br /> -Inbound /Outbound offset reading <br /> -Inbound/Outbound offset skipping <br /> -Zero byte read and skip <br /> -out_len=0 check <br />4. Client recieves the status of RoT service checks and closes the connection <br />Perform above steps from NSPE and SPE both. | psa_call,psa_read,psa_skip,psa_get, | Yes |
+| | 1. psa_call(): The caller can optionally provide one or more buffers to receive a response (out_vec). On return from psa_call() the len value will have been updated to indicate the number of bytes of data written to the buffer by the RoT Service. <br />2. psa_write(): Appends num_bytes of data from buffer to the client output vector outvec_idx in the message identified by msg_handle. Sequential calls using the same msg_handle and outvec_idx will be concatenated in the output vector | [client/server]_test_call_and_write() | 1. Client connects to RoT service <br />2. Client sends four output vectors to RoT service using psa_call <br />3. RoT service checks following: <br /> - Reporting of output vectors size through msg.out_size <br /> - in_len=0 check <br /> - zero byte write <br /> - Out vector writes using psa_write <br /> - Vector write concatenation <br />4. Client recieves the status of RoT service checks, cross check the content of out vectors and closes the connection <br />Perform above steps from NSPE and SPE both. | psa_call,psa_get,psa_write | Yes |
+| | 1. psa_call(): Any I/O vector of length zero is permitted and will be treated as an empty or non-existent vector by the framework. When less than four vectors are provided to psa_call() for either input or output, then the remaining vectors have zero length and the in_size and out_size elements for these vectors will be zero.A memory reference contains a start address and an associated length. A zero-length memory reference is one where the length is zero. The start address of a zero-length memory reference can safely take any value and must be ignored by the implementation. <br />2. psa_call(): If in_len is zero then in_vec is ignored <br />3. sa_call(): If out_len is zero then out_vec is ignored <br />4. psa_get(): If an input and output vector has not been passed by the client then the corresponding in_size[] and out_size[] for that vector is zero. | [client/server]_test_zero_length_invec()[client/server]_test_zero_length_outvec() | Test zero lenth input vector: <br />1. Client connects to RoT service <br />2. Client sends three input and one outvec vectors to RoT service using psa_call - invec 0 as zero length vector, invec 1 as NULL and invec 2 and outvec 0 as non-zero length vector <br />3. RoT service checks size of each vectors reported through msg.in_size and msg.out_size <br />4. Client recieves the status of checks and closes the connection <br />Test zero lenth output vector: <br />1. Client connects to RoT service <br />2. Client sends one input and three outvec vectorsto RoT service using psa_call - outvec 0 as zero length vector, outvec 0 as NULL and invec 0 and outvec 2 as non-zero length vector <br />3. RoT service checks size of each vectors reported through msg.in_size and msg.out_size <br />4. Client recieves the status of checks and closes the connection <br />Perform above steps from NSPE and SPE both. | psa_call,psa_get | Yes |
+| | 1. When client provides an input and output vectors which are referencing to same memory location, a psa_read after psa_write to the same memory location can return original or modified value. <br />2. When client provides an input and output vectors which are referencing to same memory location, a psa_write(s) to both memory vectors can return either the 1st or the 2nd value written. | [client/server]_test_overlapping_vectors | 1. Client provides one input and 2 output vectors which are pointing to same location. <br />2. RoT service performs read after write operation on to outvec-0 and expects return value either modified one or the original <br />3. RoT service performs write operation to outvec-1 and unblock the connection. The write performed is to mimic write after write operatio to the overlapping vector. <br />4. Client check the value of outvec. The value should be either the value written by first psa_write or the second psa_write. | psa_call,psa_write,psa_read | Yes |
+| test_i004 | psa_connect() does not return if RoT Service does not exist on platform | [client/server]_test_sid_does_not_exists() | Call psa_connect with SID which does not exist on a platform <br />Perform above step from NSPE and SPE both. | psa_connect | Yes |
+| test_i005 | psa_connect() does not return if Version policy is STRICT and requested version is HIGHER than minimum version | [client/server]_test_strict_policy_higher_minor_version() | call psa_connect with SID whose Version policy is STRICT and requested minor version is HIGHER than minimum version. <br />Perform above step from NSPE and SPE both. | psa_connect | Yes |
+| test_i006 | psa_connect() does not return if Version policy is STRICT and requested version lower than minimum version | [client/server]_test_strict_policy_lower_minor_version() | call psa_connect with SID whose Version policy is STRICT and requested minor version is Lower than minimum version. <br />Perform above step from NSPE and SPE both. | psa_connect | Yes |
+| test_i007 | psa_connect() does not return if Version policy is RELAXED and requested version is bigger than minimum version | [client/server]_test_relax_policy_higher_minor_version() | call psa_connect with SID whose Version policy is RELAXED and requested minor version is HIGHER than minimum version. <br />Perform above step from NSPE and SPE both. | psa_connect | Yes |
+| test_i008 | 1. psa_connect() does not return if Service to non_secure_client is not available <br />2. Manifest parameter - The non_secure_clients field contains a boolean to indicate if it is accessible to NSPE clients. RoT Services are always accessible to SPE clients. | [client/server]_test_secure_access_only_connection() | Call psa_connect with SID which allow secure only connection. <br />Perform above step from NSPE and SPE both. | psa_connect | Yes |
+| test_i009 | 1. psa_connect() does not return if SID is not mentioned in dependencies field. <br />2. Manifest parameter- dependencies (optional) <br />If access between a Secure Partition (acting as client) and a RoT Service (acting as server) is not specified in the manifest, then the client is not permitted to connect to the RoT Service. | [client/server]_test_unextern_sid_connection() | Call psa_connect with SID which is not mentioned as external SID in manifest. | psa_connect | Yes |
+| test_i010 | It is not required for the minor_version or minor_policy attributes to be specified. If they are not specified in the manifest, the RoT Service will have default attributes of minor_version=1 and minor_policy="STRICT". psa_connect() does not return if requested version higher than minimum version | [client/server]_test_unspecified_policy_with_higher_minor_ver() | Call psa_connect with SID whose Version policy is not mentioned and requested minor version is HIGHER than minimum version. <br />Perform above step from NSPE and SPE both. | psa_connect | Yes |
+| test_i011 | It is not required for the minor_version or minor_policy attributes to be specified. If they are not specified in the manifest, the RoT Service will have default attributes of minor_version=1 and minor_policy="STRICT". psa_connect() does not return if requested version lower than minimum version | [client/server]_test_unspecified_policy_with_lower_minor_ver() | Call psa_connect with SID whose Version policy is not mentioned and requested minor version is lower than minimum version. <br />Perform above step from NSPE and SPE both. | psa_connect | Yes |
+| test_i012 | psa_close() does not return if an invalid handle was provided that is not the null handle | [client/server]_test_psa_close_with_invalid_handle() | Call psa_close with INVALID_HANDLE which is not NULL. <br />Perform above step from NSPE and SPE both. | psa_close | Yes |
+| test_i013 | psa_get() does not return if signal has more than a single bit set | [client/server]_test_psa_get_with_more_than_one_signal() | Call psa_get with a signal who has more than a single bit set | psa_get | Yes |
+| test_i014 | After a RoT Service message is signaled, psa_get() function is used to retrieve the message details. Each message can only be retrieved once. | [client/server]_test_psa_get_called_twice() | Call psa_get with a valid signal back to back. | psa_get | Yes |
+| test_i015 | psa_get() does not return if signal does not correspond to a RoT Service | [client/server]_test_psa_get_with_non_rot_signal() | Call psa_get with DOORBELL signal | psa_get | Yes |
+| test_i016 | psa_get() does not return if The RoT Service signal is not currently asserted | [client/server]_test_psa_get_with_unasserted_signal() | Call psa_get with singal which is currently not asserted | psa_get | Yes |
+| test_i017 | Each RoT Service listed creates a dependency from the client Partition to a server Partition. Within the resulting network of dependencies, there must be no circular dependencies between Secure Partitions. This would result in deadlock because the Service requests are always synchronous.For the same reason, a Secure Partition must not use a RoT Service that is defined within itself. Direct function calls must be used instead of IPC where there is a dependency between RoT Services within a single Secure Partition. | [client/server]_test_partition_calling_its_own_rot_service() | Partition calling its own ROT service using psa_connect. | psa_connect | Yes |
+| test_i018 | psa_set_rhandle() does not return if an invalid message handle was provided | [client/server]_test_psa_set_rhandle_with_invalid_handle() | Call psa_set_rhanlde with an INVALID_HANDLE which is not NULL | psa_set_rhandle | Yes |
+| test_i019 | psa_set_rhandle() does not return if Null handle was passed | [client/server]_test_psa_set_rhandle_with_null_handle() | Call psa_set_rhanlde with NULL handle | psa_set_rhandle | Yes |
+| test_i020 | If messgae type if is PSA_IPC_CONNECT then use of status values in psa_reply() other than PSA_SUCCESS or PSA_CONNECTION_REFUSED is a fatal programming error | [client/server]_test_psa_reply_with_invalid_connect_status_code() | Call to psa_reply during PSA_IPC_CONNECT with status code other than PSA_SUCCESS and PSA_CONNECTION_REFUSED | psa_reply | Yes |
+| test_i021 | If message type if PSA_IPC_CALL , the use of other reserved status codes in the range INT32_MIN+1 to INT32_MIN+127 for psa_reply() is a fatal programming error. | [client/server]_test_psa_reply_with_invalid_call_status_code() | Call to psa_reply during PSA_IPC_CALL with status code other than allowed code | psa_reply | Yes |
+| test_i022 | psa_reply() does not return if the message handle is invalid | [client/server]_test_psa_reply_with_invalid_handle() | Call psa_reply with an INVALID_HANDLE which is not NULL | psa_reply | Yes |
+| test_i023 | psa_reply() does not return if the message handle is Null handle | [client/server]_test_psa_reply_with_null_handle() | Call psa_reply with a NULL HANDLE | psa_reply | Yes |
+| test_i024 | psa_call() does not return if an invalid handle was passed | [client/server]_test_psa_call_with_invalid_handle() | Call psa_call with an INVALID_HANDLE which is not NULL.Perform this step from NSPE and SPE both. | psa_call | Yes |
+| test_i025 | psa_call() does not return if an null handle was passed | [client/server]_test_psa_call_with_null_handle() | Call psa_call with a NULL HANDLE. <br />Perform this step from NSPE and SPE both. | psa_call | Yes |
+| test_i026 | psa_call() does not return if in_len + out_len > PSA_MAX_IOVEC | [client/server]_test_psa_call_with_iovec_more_than_max_limit() | Call psa_call with more than four IOVECs. <br />Perform this step from NSPE and SPE both. | psa_call | Yes |
+| test_i027 | 1. psa_call() returns PSA_DROP_CONNECTION when the connection has been dropped by the RoT Service. This indicates that either this or a previous message was invalid(The SPM will implement one of the following behaviors in this situation:¿ this is a client fatal error and psa_call() will not return¿ psa_call() returning PSA_DROP_CONNECTION. In this case, all subsequent calls to psa_call() on this connection will immediately return PSA_DROP_CONNECTION and the connection must be closed) <br />2. psa_reply(): If the message type is PSA_IPC_CALL and the client has made an invalid request, then the RoT Service can request for the connection to be terminated by calling psa_reply() with return value PSA_DROP_CONNECTION. After this, the RoT Service will receive no further PSA_IPC_CALL messages on that connection. The SPM will deliver a PSA_IPC_DISCONNECT to the RoT Service to release any resources associated with that connection. | [client/server]_test_psa_drop_connection() | RoT service executes psa_reply with status code eqaul to PSA_DROP_CONNECTION during PSA_IPC_CALL.Client expects either PSA_DROP_CONNECTION as returned status code or does not return condition for psa_call. <br />Perform above steps from NSPE and SPE both. | psa_call | Yes |
+| test_i028 | psa_read() does not return if msg_handle does not refer to a PSA_IPC_CALL message | [client/server]_test_psa_read_at_ipc_connect() | Call psa_read during PSA_IPC_CONNECT | psa_read | Yes |
+| test_i029 | psa_read() does not return if msg_handle does not refer to a PSA_IPC_CALL message | [client/server]_test_psa_read_at_ipc_disconnect() | Call psa_read during PSA_IPC_DISCONNECT | psa_read | Yes |
+| test_i030 | psa_read() does not return if Null handle was passed | [client/server]_test_psa_read_with_null_handle() | Call psa_read with NULL handle | psa_read | Yes |
+| test_i031 | psa_read() does not return if Invalid handle was passed | [client/server]_test_psa_read_with_invalid_handle() | Calll psa_read with INVALID_HANDLE which is not NULL | psa_read | Yes |
+| test_i032 | psa_read() does not return if invec_idx is equal to PSA_MAX_IOVEC | [client/server]_test_psa_read_with_invec_equal_to_max_iovec() | Call psa_read with invec_idx=PSA_MAX_IOVEC | psa_read | Yes |
+| test_i033 | psa_read() does not return if invec_idx is greater than PSA_MAX_IOVEC | [client/server]_test_psa_read_with_invec_greater_than_max_iovec() | Call psa_read with invec_idx>PSA_MAX_IOVEC | psa_read | Yes |
+| test_i034 | psa_skip() does not return if msg_handle does not refer to a PSA_IPC_CALL message | [client/server]_test_psa_skip_at_ipc_connect() | Call psa_skip during PSA_IPC_CONNECT | psa_skip | Yes |
+| test_i035 | psa_skip() does not return if msg_handle does not refer to a PSA_IPC_CALL message | [client/server]_test_psa_skip_at_ipc_disconnect() | Call psa_skip during PSA_IPC_DISCONNECT | psa_skip | Yes |
+| test_i036 | psa_skip() does not return if Null handle was passed | [client/server]_test_psa_skip_with_null_handle() | Call psa_skipwith NULL handle | psa_skip | Yes |
+| test_i037 | psa_skip() does not return if Invalid handle was passed | [client/server]_test_psa_skip_with_invalid_handle() | Calll psa_skip with INVALID_HANDLE which is not NULL | psa_skip | Yes |
+| test_i038 | psa_skip() does not return if invec_idx is equal to PSA_MAX_IOVEC | [client/server]_test_psa_skip_with_invec_equal_to_max_iovec() | Call psa_skip with invec_idx=PSA_MAX_IOVEC | psa_skip | Yes |
+| test_i039 | psa_skip() does not return if invec_idx is greater than PSA_MAX_IOVEC | [client/server]_test_psa_skip_with_invec_greater_than_max_iovec() | Call psa_skip with invec_idx>PSA_MAX_IOVEC | psa_skip | Yes |
+| test_i040 | psa_write() does not return if msg_handle does not refer to a PSA_IPC_CALL message | [client/server]_test_psa_write_at_ipc_connect() | Call psa_write during PSA_IPC_CONNECT | psa_write | Yes |
+| test_i041 | psa_write() does not return if msg_handle does not refer to a PSA_IPC_CALL message | [client/server]_test_psa_write_at_ipc_disconnect() | Call psa_write during PSA_IPC_DISCONNECT | psa_write | Yes |
+| test_i042 | psa_write() does not return if Null handle was passed | [client/server]_test_psa_write_with_null_handle() | Call psa_write with NULL handle | psa_write | Yes |
+| test_i043 | psa_write() does not return if Invalid handle was passed | [client/server]_test_psa_write_with_invalid_handle() | Calll psa_write with INVALID_HANDLE which is not NULL | psa_write | Yes |
+| test_i044 | psa_write() does not return if invec_idx is equal to PSA_MAX_IOVEC | [client/server]_test_psa_write_with_invec_equal_to_max_iovec() | Call psa_write with invec_idx=PSA_MAX_IOVEC | psa_write | Yes |
+| test_i045 | psa_write() does not return if invec_idx is greater than PSA_MAX_IOVEC | [client/server]_test_psa_write_with_invec_greater_than_max_iovec() | Call psa_write with invec_idx>PSA_MAX_IOVEC | psa_write | Yes |
+| test_i046 | psa_write() does not return if the call attempts to write data past the end of the client output vector | [client/server]_test_psa_write_with_size_overflow() | Call psa_write with a size input one byte bigger than allowed size | psa_write | Yes |
+| test_i047 | psa_get does not return if The msg pointer provided is not a valid memory reference | [client/server]_test_psa_get_with_invalid_msg_pointer() | Call psa_get with invalid msg pointer. <br /> Selection of invalid pointer is as below:<br />if (ISOLATION_LEVEL > 1)<br /> // PSA RoT Pointer <br /> psa_get(msg_pointer = driver_mmio_base);<br />else<br /> psa_get(msg_pointer = NULL);<br /> | psa_get | Yes |
+| test_i048 | psa_call does not return if address of in_vec is invalid for client | [client/server]_test_psa_call_with_invalid_invec_pointer | Call psa_call with invalid address for invec<br /> Selection of invalid invec pointer is as below:<br /> if caller == NONSECURE<br /> // PSA RoT pointer<br /> invec_pointer = driver_mmio_base;<br /><br /> else<br /><br /> if (ISOLATION_LEVEL > 1)<br /> invec_pointer = driver_mmio_base;<br /> else<br /> invec_pointer = NULL; | psa_call | Yes |
+| test_i049 | psa_call does not return if address of out_vec is invalid for client | [client/server]_test_psa_call_with_invalid_outvec_pointer() | Call psa_call with invalid address for outvec<br /> Selection of invalid outvec pointer is as below:<br /> if caller == NONSECURE<br /> // PSA RoT pointer<br /> outvec_pointer = driver_mmio_base;<br /><br /> else<br /><br /> if (ISOLATION_LEVEL > 1)<br /> outvec_pointer = driver_mmio_base;<br /> else<br /> outvec_pointer = NULL; | psa_call | Yes |
+| test_i050 | psa_call does not return if psa_invec.base address is invalid for client | [client/server]_test_psa_call_with_invalid_invec_base() | Call psa_call with invalid address for psa_invec.base<br /> Selection of invalid base is as below:<br /> if caller == NONSECURE<br /> // PSA RoT pointer<br /> invalid_base = driver_mmio_base;<br /><br /> else<br /><br /> if (ISOLATION_LEVEL > 1)<br /> invalid_base = driver_mmio_base;<br /> else<br /> invalid_base = NULL; | psa_call | Yes |
+| test_i051 | psa_call does not return if psa_outvec.base address is invalid for client | [client/server]_test_psa_call_with_invalid_outvec_base() | Call psa_call with invalid address for psa_outvec.base<br /> Selection of invalid base is as below:<br /> if caller == NONSECURE<br /> // PSA RoT pointer<br /> invalid_base = driver_mmio_base;<br /><br /> else<br /><br /> if (ISOLATION_LEVEL > 1)<br /> invalid_base = driver_mmio_base;<br /> else<br /> invalid_base = NULL; | psa_call | Yes |
+| test_i052 | psa_call does not return if psa_invec.base addr is valid but psa_invec.base+size address is invalid for client | [client/server]_test_psa_call_with_invalid_invec_end_addr() | Call psa_call with valid address for psa_invec.base but (psa_invec.base + psa_invec.size) pointing to invalid address<br /> Selection of base and size are as below:<br /> if caller == NONSECURE<br /> valid_base = nspe_mmio_region_base;<br /> invalid_size = (driver_mmio_region_base - nspe_mmio_region_base + 1);<br /><br /> else<br /><br /> if (ISOLATION_LEVEL > 1)<br /> valid_base = client_mmio_region_base;<br /> invalid_size = (driver_mmio_region_base - client_mmio_region_base + 1);<br /> | psa_call | Yes |
+| test_i053 | psa_call does not return if psa_outvec.base addr is valid but psa_invec.base+sizeaddress is invalid for client | [client/server]_test_psa_call_with_invalid_outvec_end_addr() | Call psa_call with valid address for psa_outvec.base but (psa_outvec.base + psa_outvec.size) pointing to invalid address<br /> Selection of base and size are as below:<br /> if caller == NONSECURE<br /> valid_base = nspe_mmio_region_base;<br /> invalid_size = (driver_mmio_region_base - nspe_mmio_region_base + 1);<br /><br /> else<br /><br /> if (ISOLATION_LEVEL > 1)<br /> valid_base = client_mmio_region_base;<br /> invalid_size = (driver_mmio_region_base - client_mmio_region_base + 1);<br /> | psa_call | Yes |
+| test_i054 | psa_call does not return if psa_outvec.base is not writable | [client/server]_test_psa_call_with_not_writable_outvec_base() | Call psa_call with not writable (function address - code memory) psa_outvec.base | psa_call | Yes |
+| test_i055 | psa_read does not return if the memory reference for buffer is invalid | [client/server]_test_psa_read_with_invalid_buffer_addr() | Call psa_read with invalid buffer addr.<br />Selection of buffer address is as below:<br />if (ISOLATION_LEVEL > 1)<br /> buffer = driver_mmio_region_base;<br />else <br /> buffer = NULL; <br /> | psa_read | Yes |
+| test_i056 | psa_read does not return if the memory reference for buffer is not writable | [client/server]_test_psa_read_with_not_writable_buffer_addr() | Call psa_read with not writable (function address- code memory) | psa_read | Yes |
+| test_i057 | psa_write does not return if the memory reference for buffer is invalid | [client/server]_test_psa_write_with_invalid_buffer_addr() | Call psa_write with invalid buffer addr.<br /> Selection of buffer address is as below:<br />if (ISOLATION_LEVEL > 1)<br /> buffer = driver_mmio_region_base;<br />else <br /> buffer = NULL; <br /> | psa_write | Yes |
+| test_i058 | 1. psa_notify() is used to asynchronously wake up another Secure Partition. The receiving partition uses psa_wait() to detect, or wait for, assertion of its PSA_DOORBELL signal. The value of partition_id must be greater than zero as the target of notification must be a Secure Partition. <br />2. psa_clear() clears the PSA_DOORBELL signal. <br />3. psa_clear(): The target Partition doorbell will remain asserted until it calls psa_clear(). | [client/server]_test_psa_doorbell_signal() | 1. Client connects to RoT service. <br />2. RoT services executes asserts PSA_DOORBELL singal back to client after accepting the connection.<br />3. Client checks the delivery of PSA_DOORBELL singal using psa_wait().<br />4. Client clears the doorbell and closes the connection. <br />5. RoT service receives the closing connection request.<br /> | psa_notify,psa_wait,psa_clear | Yes |
+| test_i059 | psa_notify does not return if Partition ID does not correspond to a Secure Partition | [client/server]_test_psa_notify_with_neg_part_id() | Call psa_notify with negative partition id | psa_notify | Yes |
+| test_i060 | psa_notify does not return if Partition ID does not correspond to a Secure Partition | [client/server]_test_psa_notify_with_invalid_pos_part_id() | Call psa_notify with positive partition id which does not exist in the platform | psa_notify | Yes |
+| test_i061 | psa_clear does not return if The Secure Partition¿s doorbell signal is not currently asserted | [client/server]_test_psa_clear_at_unasserted_doorbell_sig() | Call psa_clear when doorbell signal is not asserted | psa_clear | Yes |
+| test_i062 | psa_wait() does not return signal_mask does not include any assigned signals. | [client/server_test_psa_wait_with_unassigned_signal() | Call psa_wait with signal mask that doesn't include any assigned signal | psa_wait | Yes |
+| test_i063 | psa_wait() returns the Secure Partition interrupt signals that have been asserted from the subset of signals indicated in the bitmask provided. The mask must contain the set of signals the caller is interested in handling. Signals that are not in signal_mask should be ignored. | [client/server]_test_psa_wait_signal_mask() | 1. Select signal_mask = (SERVER_UNSPECIFED_MINOR_V_SIG | SERVER_RELAX_MINOR_VERSION_SIG); <br />2. Server partition requests the client partition to make connection using sid=SERVER_SECURE_CONNECT_ONLY_SID. This connection request act as irritator to psa_wait(signal_mask) call and it is used to cover the rule - Signals that are not in signal_mask should be ignored by psa_wait.<br />3. NSPE client connects to a server partition using SID whose signal are part of signal_mask<br />4. Server partition executes psa_wait with necessary signal_mask. RoT service checks that returned signal value is subset of signals indicated in the signal_mask <br /> 5. At the end, server partition completes the starved (irritator) connection request of SERVER_SECURE_CONNECT_ONLY_SID. | psa_wait | Yes |
+| test_i064 | psa_eoi does not return if irq_signal is not an interrupt signal | driver_test_psa_eoi_with_non_intr_signal() | Call to psa_eoi with non-interrupt signal(PSA_DOORBELL).<br /> Note: The interrupt related test check is captured in driver_partition.c as this is the only partition in test suite that holds the interrupt line. | psa_eoi | Yes |
+| test_i065 | psa_eoi does not return if irq_signal is not currently asserted | driver_test_psa_eoi_with_unasserted_signal() | Call to psa_eoi with interrupt signal which is currently not asserted.<br /> Note: The interrupt related test check is captured in driver_partition.c as this is the only partition in test suite that holds the interrupt line. | psa_eoi | Yes |
+| test_i066 | psa_eoi does not return if irq_signal indicates more than one signal | driver_test_psa_eoi_with_multiple_signals() | Call to psa_eoi with irq_signal provided with multiple signals.<br /> Note: The interrupt related test check is captured in driver_partition.c as this is the only partition in test suite that holds the interrupt line. | psa_eoi | Yes |
+| | 1. psa_wait() returns the Secure Partition interrupt signals that have been asserted from the subset of signals indicated in the bitmask provided. (psa_wait API to recieve interrupt signal) <br /> 2. psa_eoi():Informs the SPM that an interrupt has been handled (end of interrupt). This will re-enable the interrupt line. <br />3.psa_eoi(): A signal remains active until it is processed by psa_eoi <br />4. Manifest- irqs (optional, unique)This attribute is a list of IRQ lines which are assigned to the Secure Partition.A Secure Partition always has exclusive access to an assigned IRQ. Secure Partitions are not allowed to share IRQs with other Secure Partitions.Each IRQ specified must provide a signal field. This field contains a symbolic name for the signal, used by the SPM to indicate when the interrupt is asserted. Each IRQ line is declared as either of the following:¿ line_num: A valid IRQ number for the platform.¿ line_name: A named IRQ, represented by a string identifier. | | The test for this scenario will be implemented in future release for PSA Test suite. Test Limitation:<br />1. Rules around sharing of irq lines can't be tested as specifiying it can result into build error.<br />2. Test suite partition manifests are rely on only line_num for specifying irq line number as line_name is subject to resolved in Implementation defined manner. | psa_wait,psa_eoi | No |
+| | Only Code is executable in secure partition | | The test for this scenario will be implemented in future release for PSA Test suite. Checks:<br />1. Execute instruction from writable memory<br />2. Execute instruction from read-only data | | No |
+| | Only Private data is writable in secure partition | | The test for this scenario will be implemented in future release for PSA Test suite. Checks:<br />1. Write to code space<br />2. Write to constant data space | | No |
+| | Isolation Level-1 rules:<br />I3: If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. From B access below asserts of A:<br />- Variables<br />- Execution stacks<br />- Allocation heap<br />- Memory-mapped I/O regions<br /><br />Where, A & B combination are:<br />A=Application RoT & B=NSPE<br />A=PSA RoT & B=NSPE<br />A=SPM & B=NSPE | | The test for this scenario will be implemented in future release for PSA Test suite. | | No |
+| | Isolation Level-2 rules- In addition to the Level 1 requirements, Level 2 firmware isolation must follow below rule:<br />I3: If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. From B access below asserts of A:<br />- Variables<br />- Execution stacks<br />- Allocation heap<br />- Memory-mapped I/O regions<br /><br />Where, A & B combination are:<br />A=PSA RoT partition & B=Application RoT partition<br />A=SPM & B=Application RoT partition | | The test for this scenario will be implemented in future release for PSA Test suite. | | No |
+| | Isolation Level-3 rules- In addition to the Level 2 requirements, Level 3 firmware isolation must follow below rule:<br />I3: If domain A needs protection from domain B, then Private data in domain A cannot be accessed by domain B. From B access below asserts of A:<br />- Variables<br />- Execution stacks<br />- Allocation heap<br />- Memory-mapped I/O regions<br /><br />Where, A & B combination are:<br />A=Secure Partition & B= Other Secure Partition<br />A=SPM & B=Secure Partition | | The test for this scenario will be implemented in future release for PSA Test suite. | | No |
+| | A Secure Partition is guaranteed to be able to read and write its private heap regions.<br />Manifest Parameter- heap_size. Properties: Optional.This attribute indicates the Secure Partition¿s heap size in bytes.The size value is represented either as a positive integer or as a hexadecimal string.If this field is specified in the manifest then the value must be greater than 0. If this field is not specified in the manifest then the SPM can assume the size is 0.If the framework does not implement the dynamic memory allocation API, then a manifest which specifies a heap_size must produce a build error. | | The test for this scenario will be implemented in future release for PSA Test suite. Check that specified heap memory is writable using malloc function. | | No |
+| NO_EXPLICIT_TEST | A Secure Partition is guaranteed to be able to read and write its private stack. <br />Manifest Parameter- stack_size (required) <br />Partition's stack size in bytes. The size value must be represented either as a positive integer or as a hexadecimal string. | N/A | No explicit test written to cover this rule. PSA IPC tests manifests are provided with tests partition required stack_size. A successful execution of tests partition code without stack access related faults, indirectly verify this field. | N/A | Yes |
+| NO_EXPLICIT_TEST | mmio_regions (optional, unique): <br />List of memory-mapped I/O region objects which the Secure Partition needs access to. A Secure Partition always has exclusive access to an MMIO region. Secure Partitions are not permitted to share MMIO regions with other Secure Partitions.<br />An MMIO region can be defined either as a:<br />numbered_region<br />named_region<br />A numbered region consists of a base address and a size. The size must be represented either as a positive integer or as a hexadecimal string. The base address must be represented as a hexadecimal string.<br />MMIO regions must not overlap.<br />An MMIO region must include a permission attribute. The following permissions are available:<br />READ-ONLY<br />READ-WRITE | N/A | Comments:<br />1. PSA IPC tests device driver partition manifests are provided with these fields. A successful compilation and run of device driver partition code indirectly verify this field. <br />2. Rules around sharing of MMIO regions is covered as part of isolation tests.<br />3. Rules around overlapping of MMIO regions can't be tested as specifying that into manifest results into compilation fail. <br />4. Test suite partition manifests are rely on numbered_region only as named_region is subject to resolved in Implementation defined manner. | N/A | Yes |
+| NO_EXPLICIT_TEST | Manifest Parameter - id (required, unique):A Secure Partition ID must be a non-zero positive 32-bit value. | N/A | PSA IPC tests partitions are provided with unique Partition ID (which is non-zero positive) and name field compliant to manifest rules. | N/A | Yes |
+| NO_EXPLICIT_TEST | Manifest Parameter- type (required) <br />Whether the Partition is a part of the PSA Root of Trust Services or is part of the Application Root of Trust Services.Type must be assigned one of the following values:- APPLICATION-ROT- PSA-ROT | N/A | PSA IPC tests partition files are provided with these fields. Access permission behaviour related to these fields will be verified as part of tests covering isolation level rules. | N/A | Yes |
+| NO_EXPLICIT_TEST | Manifest Parameter - description (optional) <br />This attribute contains a human-readable description and comments for the Secure Partition. | N/A | Test suite manifests are provided with these field with adhere to manifest rules. Manifest build tool parser must parse this field without any compilation fail. | N/A | Yes |
+| NO_EXPLICIT_TEST | Manifest Parameter -entry_point (required, unique) <br />The Partition entry point in the form of an C function symbol. A single entry point must be provided. | N/A | No explicit test written to cover this rule. Test suite manifests are provided with tests partition entry_point. A successful launch and run of tests partition code indirectly verify this field. | N/A | Yes |
+| NO_EXPLICIT_TEST | Manifest Parameter- linker_pattern(Required) <br />This attribute contains the minimum information required to link a Secure Partition¿s compiled static objects. It contains a mandatory sub attribute called object_list.The object_list is an explicit list of the expected binary objects of a Secure Partition once it is compiled. For example, this list may contain the names of the main entry-point binary and any other static library objects that the Secure Partition contains. | N/A | No explicit test written to cover this rule. Test suite manifests are provided with linker_pattern filled with required tests partition object archives. A successful use of this field to launch the partitions and fullfilling the PSA defined isolation requirement which are also being verified in isolation tests, indirectly verify this field. | N/A | Yes |
+| NO_EXPLICIT_TEST | The SPM must eventually deliver all signals and IPC messages. | N/A | No explicit test written to cover this rule. However all PSA IPC tests are written with the expectation that the SPM delivers all requested signals and IPC message in a timely fashion. Failure to provide this will result in simulation time out. <br />This rule is unbounded and cannot have full coverage. It is good to that things are delivered in a timely manner, however failure will not break compliance. | N/A | Yes |
+| NO_EXPLICIT_TEST | A Secure Partition is guaranteed to be able to execute and read its own code regions and read its own read-only data regions. | N/A | No explicit test written to cover this rule. This is a minimum requirement to able to launch and run secure partition. Failing to provide this, will not be able to run IPC test suite. | N/A | Yes |
+| NOT_COVERED | psa_get returns PSA_ERR_NOMSG if the SPM cannot deliver a message to the Secure Partition following the assertion of the RoT Service signal. | N/A | This scenario cannot be simulated as test can't generate stimulus where psa_get() API returns PSA_ERR_NOMSG. However every instances of psa_get() API call in test suite checks the API return value and re-waits for signal delivery if return value is PSA_ERR_NOMSG. | psa_get | No |
+| NOT_COVERED | psa_call does not return if the connection is already handling a request. | N/A | This rule is not verified beacuse of following reasons: <br />- There is no common infrastructure to test this rule as this needs two OS specific tasks where one task interrupted during execution of psa_call or psa_close and second task scheduled to execute psa_call using same handle.<br />- It is hard to write test stimulus where this rule is always hit as it is highly dependent of platform software scheduling policy. <br /> | psa_call | No |
+| NOT_COVERED | psa_close does not return if the connection is already handling a request | N/A | This rule is not verified beacuse of following reasons: <br />- There is no common infrastructure to test this rule as this needs two OS specific tasks where one task interrupted during execution of psa_call or psa_close and second task scheduled to execute psa_close using same handle.<br />- It is hard to write test stimulus where this rule is always hit as it is highly dependent of platform software scheduling policy. <br /> | psa_close | No |
+| NOT_COVERED | Manifest Parameter - priority (required) <br />Partitions must be assigned one of the following priority groups:¿ HIGH¿ NORMAL¿ LOWLOW is the lowest priority. Priority is ignored by SPMs that do not implement any priority-based scheduling. | N/A | Use of these fields are highly dependent on type of SPM scheduling policy, hence can't test the behavious of this field. And test suite partition manifests are provided with priority field equal to LOW. | N/A | No |
+| NOT_COVERED | Secure Partition IDs must be fixed across updates | N/A | Checking for Partition IDs across SPM updates is out of scope for PSA IPC tests. | N/A | No |
-
-# License
+## License
Arm PSA test suite is distributed under Apache v2.0 License.
--------------
-*Copyright (c) 2018, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2018-2019, Arm Limited and Contributors. All rights reserved.*
diff --git a/api-tests/docs/psa_its_testlist.md b/api-tests/docs/psa_its_testlist.md
new file mode 100644
index 0000000..a10c3a5
--- /dev/null
+++ b/api-tests/docs/psa_its_testlist.md
@@ -0,0 +1,23 @@
+# PSA Internal Trusted Storage Testcase checklist
+
+
+
+| Test | Return Value | API Verified | Test Algorithm | UID Usage |
+|-----------|--------------------------------------|------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| test_s001 | PSA_ITS_ERROR_KEY_NOT_FOUND | psa_its_get<br />psa_its_get_info <br />psa_its_remove<br /> | 1. Call get API with UID for which no UID/Data pair is created<br />2. Call get_info API for which no UID/Data pair is created<br />3. Call remove API for which no UID/Data pair is created<br />4. Set valid UID/Data pair with uid1<br />5. Set one more set of UID/Data pair, with different uid, than previous<br />6. Remove the uid of step 4.<br />7. Call get API for removed UID/data pair<br />8. Call get_info API for removed UID/Data pair<br />9. Call remove API for removed UID/Data pair<br />10. Set valid UID/Data pair<br />11. Call get API for different uid , then created<br />12. Call get_info API for different uid, then created<br />13. Call remove API for different uid, then created<br />14. Remove the created UID/Data pair.<br />15. remove the stray uid.<br /> | UID value used are 10,11 |
+| test_s002 | PSA_ITS_ERROR_WRITE_ONCE | psa_its_set<br />psa_its_remove<br /> | 1. Set valid UID/data value pair , with create flag value none.2. Call get and get_info API to validate the data, attributes associated with data<br />3. Call set API again with same uid and create flag PSA_PS_WRITE_ONCE_FLAG<br />4. Call get and get_info API to validate the data, attributes associated with data is not changed after second set operation<br />5. try to remove the UID/data pair.<br />6. Create new UID/data value pair, with create flag PSA_PS_WRITE_ONCE_FLAG<br />7. Try to remove the created UID.<br />8. Call get and get_info API to validate the data, attributes associated with data<br />9. Again call SET with same UID , create flag PSA_PS_WRITE_ONCE_FLAG but different data length<br />10. Try to remove the UID, PSA_ITS_ERROR_WRITE_ONCE error should be returned<br />11. Call get and get_info API to validate the data, attributes associated with data<br /> | UID value used are 14 and 15 |
+| test_s003 | PSA_ITS_ERROR_INSUFFICIENT_SPACE | psa_its_set<br /> | 1. Create UID/data pairs, with data_len 256 bytes. Do this with incrementing uid values till we have INSUFFICENT_SPACE.<br />2. Remove all the UID/data pairs created.<br />3. repeat the steps 5 times, to check same number of uid <br /> | UID value starts from 1 and keep on incrementing till all space is exhausted |
+| test_s004 | PSA_ITS_SUCCESS | psa_its_set<br />psa_its_get<br />psa_its_get_info<br />psa_its_remove<br /> | 1. Set a valid uid/data pair<br />2. Validate the data using get api<br />3. Change the data length to half of previous.<br />4. Call GET api with original data length , error should be returned and also the return buffer should be empty<br />5. Call GET api with correct data_len and validate the data received.<br />6. Check old data cannot be accessed.<br />7. Call REMOVE api to delete the UID/data pair<br /> | UID value used is 11 |
+| test_s005 | PSA_ITS_SUCCESS | psa_its_set<br />psa_its_get<br />psa_its_get_info<br />psa_its_remove<br /> | 1. Set valid UID/data pair with varying uid and data_len <br />2. Call GET api and validate the set data<br />3. Call GET info api and validate the data attributes<br />4. Call REMOVE api to delete the UID/data pair<br /> | UID value used are 0 and 10 |
+| test_s006 | PSA_ITS_ERROR_FLAGS_NOT_SUPPORTED | psa_its_set<br /> | 1. Call the SET_INFO with minimum flag value to max flag value <br />2. Call GET_INFO api and validae the flag value<br />3. remove the uid/data pair<br /> | UID value used is 10 |
+| test_s007 | PSA_ITS_ERROR_FLAGS_SET_AFTER_CREATE | psa_its_set<br /> | 1. Create valid uid/data pair with non-zero value. <br />2. Again call the set api for same uid to change flag to some different non-zero value.<br />3. Try to set flag to now CREATE_FLAG_VALUE_NONE.<br />4. remove the uid.<br />5. Create a new UID/data pair with zero create flag.<br />6. try to change the flag value to non-zero.<br />7. remove the uid<br /> | UID value used is 10 |
+| test_s008 | PSA_ITS_ERROR_OFFSET_INVALID | psa_its_get<br /> | 1. Set valid UID/data pair<br />2. Call GET api with valid offset and offset + data_len equal to stored data size.<br />3. Call GET api with valid offset and offset + data_len less than stored data size.<br />4. Call get api with invalid offset.<br />5. Call get api with zero offset , but data len greater than data size.<br />6. Remove the uid.<br /> | UID value used is 11 |
+| test_s009 | PSA_ITS_ERROR_BAD_POINTER | psa_its_get<br />psa_its_set<br />psa_its_get_info<br /> | 1. Call the SET API with NULL pointer and data_len zero <br />2. Validate using get_info api storage should not be present.<br />3. Set storage entity with valid write_buffer , but length zero.<br />4. Again try to set for same uid with NULL write_buffer.<br />5. Call get and get_info api with NULL pointer and valid uid.<br />6. remove the uid<br /> | UID value used is 11 <br /> |
+
+
+## License
+Arm PSA test suite is distributed under Apache v2.0 License.
+
+--------------
+
+*Copyright (c) 2019, Arm Limited and Contributors. All rights reserved.*
diff --git a/api-tests/docs/psa_ps_testlist.md b/api-tests/docs/psa_ps_testlist.md
new file mode 100644
index 0000000..89f6981
--- /dev/null
+++ b/api-tests/docs/psa_ps_testlist.md
@@ -0,0 +1,23 @@
+# PSA Protected Storage Testcase checklist
+
+
+
+| Test | Return Value | API Verified | Test Algorithm | UID Usage |
+|-----------|--------------------------------------|------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| test_s001 | PSA_PS_ERROR_KEY_NOT_FOUND | psa_ps_get<br />psa_ps_get_info <br />psa_ps_remove<br /> | 1. Call get API with UID for which no UID/Data pair is created<br />2. Call get_info API for which no UID/Data pair is created<br />3. Call remove API for which no UID/Data pair is created<br />4. Set valid UID/Data pair with uid1<br />5. Set one more set of UID/Data pair, with different uid, than previous<br />6. Remove the uid of step 4.<br />7. Call get API for removed UID/data pair<br />8. Call get_info API for removed UID/Data pair<br />9. Call remove API for removed UID/Data pair<br />10. Set valid UID/Data pair<br />11. Call get API for different uid , then created<br />12. Call get_info API for different uid, then created<br />13. Call remove API for different uid, then created<br />14. Remove the created UID/Data pair.<br />15. remove the stray uid.<br /> | UID value used are 10,11,9 |
+| test_s002 | PSA_PS_ERROR_WRITE_ONCE | psa_ps_set<br />psa_ps_remove<br /> | 1. Set valid UID/data value pair , with create flag value none.2. Call get and get_info API to validate the data, attributes associated with data<br />3. Call set API again with same uid and create flag PSA_PS_WRITE_ONCE_FLAG<br />4. Call get and get_info API to validate the data, attributes associated with data is not changed after second set operation<br />5. try to remove the UID/data pair.<br />6. Create new UID/data value pair, with create flag PSA_PS_WRITE_ONCE_FLAG<br />7. Try to remove the created UID.<br />8. Call get and get_info API to validate the data, attributes associated with data<br />9. Again call SET with same UID , create flag PSA_PS_WRITE_ONCE_FLAG but different data length<br />10. Try to remove the UID, PSA_PS_ERROR_WRITE_ONCE error should be returned<br />11. Call get and get_info API to validate the data, attributes associated with data<br /> | UID value used are 20 and 21 |
+| test_s003 | PSA_PS_ERROR_INSUFFICIENT_SPACE | psa_ps_set<br /> | 1. Create UID/data pairs, with data_len 256 bytes. Do this with incrementing uid values till we have INSUFFICENT_SPACE.<br />2. Remove all the UID/data pairs created.<br />3. repeat the steps 5 times, to check same number of uid <br /> | UID value starts from 1 and keep on incrementing till all space is exhausted |
+| test_s004 | PSA_PS_SUCCESS | psa_ps_set<br />psa_ps_get<br />psa_ps_get_info<br />psa_ps_remove<br /> | 1. Set a valid uid/data pair<br />2. Validate the data using get api<br />3. Change the data length to half of previous.<br />4. Call GET api with original data length , error should be returned and also the return buffer should be empty<br />5. Call GET api with correct data_len and validate the data received.<br />6. Check old data cannot be accessed.<br />7. Call REMOVE api to delete the UID/data pair<br /> | UID value used is 11 |
+| test_s005 | PSA_PS_SUCCESS | psa_ps_set<br />psa_ps_get<br />psa_ps_get_info<br />psa_ps_remove<br /> | 1. Set valid UID/data pair with varying uid and data_len <br />2. Call GET api and validate the set data<br />3. Call GET info api and validate the data attributes<br />4. Call REMOVE api to delete the UID/data pair<br /> | UID value used are 0 and 10 |
+| test_s006 | PSA_PS_ERROR_FLAGS_NOT_SUPPORTED | psa_ps_set<br /> | 1. Call the SET_INFO with minimum flag value to max flag value <br />2. Call GET_INFO api and validae the flag value<br />3. remove the uid/data pair<br /> | UID value used is 10 |
+| test_s007 | PSA_PS_ERROR_FLAGS_SET_AFTER_CREATE | psa_ps_set<br /> | 1. Create valid uid/data pair with non-zero value. <br />2. Again call the set api for same uid to change flag to some different non-zero value.<br />3. Try to set flag to now CREATE_FLAG_VALUE_NONE.<br />4. remove the uid.<br />5. Create a new UID/data pair with zero create flag.<br />6. try to change the flag value to non-zero.<br />7. remove the uid<br /> | UID value used is 10 |
+| test_s008 | PSA_PS_ERROR_OFFSET_INVALID | psa_ps_get<br /> | 1. Set valid UID/data pair<br />2. Call GET api with valid offset and offset + data_len equal to stored data size.<br />3. Call GET api with valid offset and offset + data_len less than stored data size.<br />4. Call get api with invalid offset.<br />5. Call get api with zero offset , but data len greater than data size.<br />6. Remove the uid.<br /> | UID value used is 11 |
+| test_s009 | PSA_PS_ERROR_BAD_POINTER | psa_ps_get<br />psa_ps_set<br />psa_ps_get_info<br /> | 1. Call the SET API with NULL pointer and data_len zero <br />2. Validate using get_info api storage should not be present.<br />3. Set storage entity with valid write_buffer , but length zero.<br />4. Again try to set for same uid with NULL write_buffer.<br />5. Call get and get_info api with NULL pointer and valid uid.<br />6. remove the uid<br /> | UID value used is 11 <br /> |
+
+
+## License
+Arm PSA test suite is distributed under Apache v2.0 License.
+
+--------------
+
+*Copyright (c) 2019, Arm Limited and Contributors. All rights reserved.*
diff --git a/api-tests/docs/sw_requirements.md b/api-tests/docs/sw_requirements.md
index 485681f..7f2c142 100644
--- a/api-tests/docs/sw_requirements.md
+++ b/api-tests/docs/sw_requirements.md
@@ -6,7 +6,10 @@
- Host Operating System : Ubuntu 16.04
- Scripting tools : Perl 5.12.3
-- Other open-source tools : GNU Arm Embedded Toolchain 6.3.1
+- Compiler toolchain : GNU Arm Embedded Toolchain 6.3.1, Arm Compiler v6.7
+
+*Note*: To compile Test Suite code, at least one of the above supported compiler toolchains
+ have to be available in the build environment.
### Setup a shell to enable compiler toolchain after installation
@@ -15,6 +18,11 @@
export PATH=<GNU_ARM_PATH>/bin:$PATH
~~~
+To import Arm Compiler in your bash shell console:
+~~~
+export PATH=<ARM_COMPILER_PATH>/bin:$PATH
+~~~
+
## Download source
To download the master branch of the repository, type the following command: <br />
@@ -27,4 +35,4 @@
--------------
-*Copyright (c) 2018, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2018-2019, Arm Limited and Contributors. All rights reserved.*
diff --git a/api-tests/ff/README.md b/api-tests/ff/README.md
index 9cd5c9d..d24bef3 100644
--- a/api-tests/ff/README.md
+++ b/api-tests/ff/README.md
@@ -22,16 +22,9 @@
The Architecture Test Suite contains the tests that are self-checking, portable C-based tests with directed stimulus.
-The tests are available as open source. The tests and the corresponding abstraction layers are available with an Apache v2.0 license allowing for external contribution.
+The tests are available as open source. The tests and the corresponding abstraction layers are available with an Apache v2.0 license allowing for external contribution. This test suite is not a substitute for design verification. To review the test logs, Arm licensees can contact Arm directly through their partner managers.
-For more information on Architecture Test Suite specification, refer the [Validation Methodology](../docs/Arm_PSA_FF_Arch_Test_Validation_Methodology.pdf) document.
-
-## Release Update
- - Release Version - 0.5
- - Code Quality - Alpha. This indicates the suite is in development and it contains tests which have not been validated on any platform. Please use this opportunity to suggest enhancements and point out errors.
- - Current release contains **IPC tests** that are written for version 1.0-Beta-0 of the PSA FF specification.
- - This test suite is not a substitute for design verification.
- - To review the test logs, Arm licensees can contact Arm directly through their partner managers.
+For more information on Architecture Test Suite specification, refer the [Validation Methodology](../docs/Arm_PSA_APIs_Arch_Test_Validation_Methodology.pdf) document.
## Tests Scenarios
@@ -48,7 +41,7 @@
### Porting steps
-Refer to the [Porting Guide](../docs/porting_guide.md) document for porting steps.
+Refer to the [PSA-FF Test Suite Porting Guide](../docs/porting_guide_ff.md) document for porting steps.
### Build steps
@@ -71,15 +64,15 @@
- <platform_name> is the same as the name of the target specific directory created in the platform/targets/ directory. <br />
- <cpu_architecture_version> is the Arm Architecture version name for which test binaries should be compiled. For example, Armv7M, Armv8M-Baseline and Armv8M-Mainline Architecture. <br />
- <suite_name> is the suite name and it is same as the suite name available in test_suites/ directory. <br />
-- <include_path> is an additional directory to be included into compiler search path. Note- To compile ipc tests, include path must point to path where "psa/client.h", "psa/service.h" and test partition manifest output files("psa_manifest/sid.h" and "psa_manifest/<manifestfilename>.h") are located in your build system.<br />
+- <include_path> is an additional directory to be included into compiler search path. Note- To compile ipc tests, include path must point to path where "psa/client.h", "psa/service.h" and test partition manifest output files(``"psa_manifest/sid.h" and "psa_manifest/<manifestfilename>.h"``) are located in your build system.<br />
- <build_dir> is an output directory to keep build files.
Refer ./tools/scripts/setup.sh --help to know more about options.
-*To compile ipc tests for fvp_mps2_cm4_mbedos platform*
+*To compile ipc tests for tgt_ff_mbedos_fvp_mps2_m4 platform*
```
cd api-tests
-./tools/scripts/setup.sh --target fvp_mps2_cm4_mbedos --cpu_arch armv7m --suite ipc --build BUILD_IPC --include <include_path1> --include <include_path2>
+./tools/scripts/setup.sh --target tgt_ff_mbedos_fvp_mps2_m4 --cpu_arch armv7m --suite ipc --build BUILD_IPC --include <include_path1> --include <include_path2>
```
### Build output
@@ -124,5 +117,5 @@
--------------
-*Copyright (c) 2018, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2018-2019, Arm Limited and Contributors. All rights reserved.*
diff --git a/api-tests/ff/ipc/test_i001/test_i001.c b/api-tests/ff/ipc/test_i001/test_i001.c
index dd54077..d1ecc47 100644
--- a/api-tests/ff/ipc/test_i001/test_i001.c
+++ b/api-tests/ff/ipc/test_i001/test_i001.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i001.h"
diff --git a/api-tests/ff/ipc/test_i001/test_i001.h b/api-tests/ff/ipc/test_i001/test_i001.h
index 033f194..a42fd97 100644
--- a/api-tests/ff/ipc/test_i001/test_i001.h
+++ b/api-tests/ff/ipc/test_i001/test_i001.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST001_CLIENT_TESTS_H_
-#define _TEST001_CLIENT_TESTS_H_
+#ifndef _TEST_I001_CLIENT_TESTS_H_
+#define _TEST_I001_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i002/test_entry.c b/api-tests/ff/ipc/test_i002/test_entry.c
index 8d23bd2..6003669 100644
--- a/api-tests/ff/ipc/test_i002/test_entry.c
+++ b/api-tests/ff/ipc/test_i002/test_entry.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -34,7 +34,7 @@
psa = psa_api;
/* test init */
- val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
if (!IS_TEST_START(val->get_status()))
{
goto test_exit;
diff --git a/api-tests/ff/ipc/test_i002/test_i002.c b/api-tests/ff/ipc/test_i002/test_i002.c
index 8dc53e4..705ee2b 100644
--- a/api-tests/ff/ipc/test_i002/test_i002.c
+++ b/api-tests/ff/ipc/test_i002/test_i002.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i002.h"
@@ -35,7 +35,6 @@
client_test_spm_concurrent_connect_limit,
client_test_psa_block_behave,
client_test_psa_poll_behave,
- client_test_psa_wait_bitmask,
NULL,
};
@@ -285,28 +284,3 @@
val->print(PRINT_TEST, "[Check8] Test PSA_POLL\n", 0);
return (client_test_psa_wait());
}
-
-int32_t client_test_psa_wait_bitmask(security_t caller)
-{
- psa_handle_t handle = 0;
-
- val->print(PRINT_TEST, "[Check9] Test psa_wait bitmask\n", 0);
-
- handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
-
- if (handle != PSA_CONNECTION_REFUSED)
- {
- val->print(PRINT_ERROR, "psa_connect failed -1\n", 0);
- return VAL_STATUS_INVALID_HANDLE;
- }
-
- handle = psa->connect(SERVER_RELAX_MINOR_VERSION_SID, 1);
-
- if (handle != PSA_CONNECTION_REFUSED)
- {
- val->print(PRINT_ERROR, "psa_connect failed -2\n", 0);
- return VAL_STATUS_INVALID_HANDLE;
- }
-
- return VAL_STATUS_SUCCESS;
-}
diff --git a/api-tests/ff/ipc/test_i002/test_i002.h b/api-tests/ff/ipc/test_i002/test_i002.h
index d61fc1c..c4eb205 100644
--- a/api-tests/ff/ipc/test_i002/test_i002.h
+++ b/api-tests/ff/ipc/test_i002/test_i002.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST002_CLIENT_TESTS_H_
-#define _TEST002_CLIENT_TESTS_H_
+#ifndef _TEST_I002_CLIENT_TESTS_H_
+#define _TEST_I002_CLIENT_TESTS_H_
#include "val_client_defs.h"
@@ -44,5 +44,4 @@
int32_t client_test_spm_concurrent_connect_limit(security_t);
int32_t client_test_psa_block_behave(security_t);
int32_t client_test_psa_poll_behave(security_t);
-int32_t client_test_psa_wait_bitmask(security_t);
#endif
diff --git a/api-tests/ff/ipc/test_i002/test_supp_i002.c b/api-tests/ff/ipc/test_i002/test_supp_i002.c
index c23b6f3..4358e24 100644
--- a/api-tests/ff/ipc/test_i002/test_supp_i002.c
+++ b/api-tests/ff/ipc/test_i002/test_supp_i002.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -28,7 +28,6 @@
int32_t server_test_spm_concurrent_connect_limit(void);
int32_t server_test_psa_block_behave(void);
int32_t server_test_psa_poll_behave(void);
-int32_t server_test_psa_wait_bitmask(void);
server_test_t test_i002_server_tests_list[] = {
NULL,
@@ -40,7 +39,6 @@
server_test_spm_concurrent_connect_limit,
server_test_psa_block_behave,
server_test_psa_poll_behave,
- server_test_psa_wait_bitmask,
NULL,
};
@@ -70,7 +68,7 @@
}
/* Rejecting connection to check behaviour of PSA_CONNECTION_REFUSED */
- psa_reply(msg.handle, PSA_CONNECTION_BUSY);
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
return status;
}
@@ -366,51 +364,3 @@
}
return VAL_STATUS_SUCCESS;
}
-
-int32_t server_test_psa_wait_bitmask(void)
-{
- psa_signal_t signals = 0;
- psa_msg_t msg = {0};
- int loop_cnt = 2;
- psa_signal_t signal_mask = (SERVER_UNSPECIFED_MINOR_V_SIG | SERVER_RELAX_MINOR_VERSION_SIG);
-
- /* Debug print */
- val_err_check_set(TEST_CHECKPOINT_NUM(217), VAL_STATUS_SUCCESS);
-
-wait1:
- signals = psa_wait(signal_mask, PSA_BLOCK);
-
- /* Returned signals value must be subset signals indicated in the signal_mask */
- if (((signals & signal_mask) == 0) &&
- ((signals | signal_mask) != signal_mask))
- {
- val_print(PRINT_ERROR,
- "psa_wait returned with invalid signal value = 0x%x\n", signals);
- return VAL_STATUS_ERROR;
- }
- else if (signals & SERVER_UNSPECIFED_MINOR_V_SIG)
- {
- if (psa_get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg) != PSA_SUCCESS)
- {
- goto wait1;
- }
-
- loop_cnt--;
- psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
- }
- else if (signals & SERVER_RELAX_MINOR_VERSION_SIG)
- {
- if (psa_get(SERVER_RELAX_MINOR_VERSION_SIG, &msg) != PSA_SUCCESS)
- {
- goto wait1;
- }
-
- loop_cnt--;
- psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
- }
-
- if (loop_cnt != 0)
- goto wait1;
-
- return VAL_STATUS_SUCCESS;
-}
diff --git a/api-tests/ff/ipc/test_i003/test_i003.c b/api-tests/ff/ipc/test_i003/test_i003.c
index 114f673..17b1bdb 100644
--- a/api-tests/ff/ipc/test_i003/test_i003.c
+++ b/api-tests/ff/ipc/test_i003/test_i003.c
@@ -20,8 +20,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i003.h"
diff --git a/api-tests/ff/ipc/test_i003/test_i003.h b/api-tests/ff/ipc/test_i003/test_i003.h
index 88db8ec..b83b219 100644
--- a/api-tests/ff/ipc/test_i003/test_i003.h
+++ b/api-tests/ff/ipc/test_i003/test_i003.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST003_CLIENT_TESTS_H_
-#define _TEST003_CLIENT_TESTS_H_
+#ifndef _TEST_I003_CLIENT_TESTS_H_
+#define _TEST_I003_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i004/test_i004.c b/api-tests/ff/ipc/test_i004/test_i004.c
index 1e94d47..790e91b 100644
--- a/api-tests/ff/ipc/test_i004/test_i004.c
+++ b/api-tests/ff/ipc/test_i004/test_i004.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i004.h"
diff --git a/api-tests/ff/ipc/test_i004/test_i004.h b/api-tests/ff/ipc/test_i004/test_i004.h
index 02456a4..fe07c10 100644
--- a/api-tests/ff/ipc/test_i004/test_i004.h
+++ b/api-tests/ff/ipc/test_i004/test_i004.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST004_CLIENT_TESTS_H_
-#define _TEST004_CLIENT_TESTS_H_
+#ifndef _TEST_I004_CLIENT_TESTS_H_
+#define _TEST_I004_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i005/test_i005.c b/api-tests/ff/ipc/test_i005/test_i005.c
index 38b8536..8e02e21 100644
--- a/api-tests/ff/ipc/test_i005/test_i005.c
+++ b/api-tests/ff/ipc/test_i005/test_i005.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i005.h"
diff --git a/api-tests/ff/ipc/test_i005/test_i005.h b/api-tests/ff/ipc/test_i005/test_i005.h
index 15128bd..5931049 100644
--- a/api-tests/ff/ipc/test_i005/test_i005.h
+++ b/api-tests/ff/ipc/test_i005/test_i005.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST005_CLIENT_TESTS_H_
-#define _TEST005_CLIENT_TESTS_H_
+#ifndef _TEST_I005_CLIENT_TESTS_H_
+#define _TEST_I005_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i006/test_i006.c b/api-tests/ff/ipc/test_i006/test_i006.c
index 3c896a9..6356b9c 100644
--- a/api-tests/ff/ipc/test_i006/test_i006.c
+++ b/api-tests/ff/ipc/test_i006/test_i006.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i006.h"
diff --git a/api-tests/ff/ipc/test_i006/test_i006.h b/api-tests/ff/ipc/test_i006/test_i006.h
index 3f3878e..62d5a4c 100644
--- a/api-tests/ff/ipc/test_i006/test_i006.h
+++ b/api-tests/ff/ipc/test_i006/test_i006.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST006_CLIENT_TESTS_H_
-#define _TEST006_CLIENT_TESTS_H_
+#ifndef _TEST_I006_CLIENT_TESTS_H_
+#define _TEST_I006_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i007/test_i007.c b/api-tests/ff/ipc/test_i007/test_i007.c
index dfea14c..518c13b 100644
--- a/api-tests/ff/ipc/test_i007/test_i007.c
+++ b/api-tests/ff/ipc/test_i007/test_i007.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i007.h"
diff --git a/api-tests/ff/ipc/test_i007/test_i007.h b/api-tests/ff/ipc/test_i007/test_i007.h
index d4b93a8..26908fb 100644
--- a/api-tests/ff/ipc/test_i007/test_i007.h
+++ b/api-tests/ff/ipc/test_i007/test_i007.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST007_CLIENT_TESTS_H_
-#define _TEST007_CLIENT_TESTS_H_
+#ifndef _TEST_I007_CLIENT_TESTS_H_
+#define _TEST_I007_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i008/test_i008.c b/api-tests/ff/ipc/test_i008/test_i008.c
index decdf38..1890754 100644
--- a/api-tests/ff/ipc/test_i008/test_i008.c
+++ b/api-tests/ff/ipc/test_i008/test_i008.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i008.h"
diff --git a/api-tests/ff/ipc/test_i008/test_i008.h b/api-tests/ff/ipc/test_i008/test_i008.h
index 147a843..be6cc9f 100644
--- a/api-tests/ff/ipc/test_i008/test_i008.h
+++ b/api-tests/ff/ipc/test_i008/test_i008.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST008_CLIENT_TESTS_H_
-#define _TEST008_CLIENT_TESTS_H_
+#ifndef _TEST_I008_CLIENT_TESTS_H_
+#define _TEST_I008_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i009/test_i009.c b/api-tests/ff/ipc/test_i009/test_i009.c
index fde8cf3..aa05a79 100644
--- a/api-tests/ff/ipc/test_i009/test_i009.c
+++ b/api-tests/ff/ipc/test_i009/test_i009.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i009.h"
diff --git a/api-tests/ff/ipc/test_i009/test_i009.h b/api-tests/ff/ipc/test_i009/test_i009.h
index 8cc4e5c..b8cbc53 100644
--- a/api-tests/ff/ipc/test_i009/test_i009.h
+++ b/api-tests/ff/ipc/test_i009/test_i009.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST009_CLIENT_TESTS_H_
-#define _TEST009_CLIENT_TESTS_H_
+#ifndef _TEST_I009_CLIENT_TESTS_H_
+#define _TEST_I009_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i010/test_i010.c b/api-tests/ff/ipc/test_i010/test_i010.c
index 9a3241f..9599485 100644
--- a/api-tests/ff/ipc/test_i010/test_i010.c
+++ b/api-tests/ff/ipc/test_i010/test_i010.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i010.h"
diff --git a/api-tests/ff/ipc/test_i010/test_i010.h b/api-tests/ff/ipc/test_i010/test_i010.h
index 83eab5d..7e0eb02 100644
--- a/api-tests/ff/ipc/test_i010/test_i010.h
+++ b/api-tests/ff/ipc/test_i010/test_i010.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST010_CLIENT_TESTS_H_
-#define _TEST010_CLIENT_TESTS_H_
+#ifndef _TEST_I010_CLIENT_TESTS_H_
+#define _TEST_I010_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i011/test_i011.c b/api-tests/ff/ipc/test_i011/test_i011.c
index e15d869..6965daa 100644
--- a/api-tests/ff/ipc/test_i011/test_i011.c
+++ b/api-tests/ff/ipc/test_i011/test_i011.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i011.h"
diff --git a/api-tests/ff/ipc/test_i011/test_i011.h b/api-tests/ff/ipc/test_i011/test_i011.h
index ee36c1d..8b6f732 100644
--- a/api-tests/ff/ipc/test_i011/test_i011.h
+++ b/api-tests/ff/ipc/test_i011/test_i011.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST011_CLIENT_TESTS_H_
-#define _TEST011_CLIENT_TESTS_H_
+#ifndef _TEST_I011_CLIENT_TESTS_H_
+#define _TEST_I011_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i012/test_i012.c b/api-tests/ff/ipc/test_i012/test_i012.c
index 7fe6a83..1623d77 100644
--- a/api-tests/ff/ipc/test_i012/test_i012.c
+++ b/api-tests/ff/ipc/test_i012/test_i012.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i012.h"
diff --git a/api-tests/ff/ipc/test_i012/test_i012.h b/api-tests/ff/ipc/test_i012/test_i012.h
index 79f7f11..d7a2776 100644
--- a/api-tests/ff/ipc/test_i012/test_i012.h
+++ b/api-tests/ff/ipc/test_i012/test_i012.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST012_CLIENT_TESTS_H_
-#define _TEST012_CLIENT_TESTS_H_
+#ifndef _TEST_I012_CLIENT_TESTS_H_
+#define _TEST_I012_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i013/test_i013.c b/api-tests/ff/ipc/test_i013/test_i013.c
index ac9752a..f0088a8 100644
--- a/api-tests/ff/ipc/test_i013/test_i013.c
+++ b/api-tests/ff/ipc/test_i013/test_i013.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i013.h"
diff --git a/api-tests/ff/ipc/test_i013/test_i013.h b/api-tests/ff/ipc/test_i013/test_i013.h
index ad08224..8721594 100644
--- a/api-tests/ff/ipc/test_i013/test_i013.h
+++ b/api-tests/ff/ipc/test_i013/test_i013.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST013_CLIENT_TESTS_H_
-#define _TEST013_CLIENT_TESTS_H_
+#ifndef _TEST_I013_CLIENT_TESTS_H_
+#define _TEST_I013_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i014/test_i014.c b/api-tests/ff/ipc/test_i014/test_i014.c
index c11a8ab..2fde3e2 100644
--- a/api-tests/ff/ipc/test_i014/test_i014.c
+++ b/api-tests/ff/ipc/test_i014/test_i014.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i014.h"
diff --git a/api-tests/ff/ipc/test_i014/test_i014.h b/api-tests/ff/ipc/test_i014/test_i014.h
index 3d1060d..939dc4d 100644
--- a/api-tests/ff/ipc/test_i014/test_i014.h
+++ b/api-tests/ff/ipc/test_i014/test_i014.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST014_CLIENT_TESTS_H_
-#define _TEST014_CLIENT_TESTS_H_
+#ifndef _TEST_I014_CLIENT_TESTS_H_
+#define _TEST_I014_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i015/test_i015.c b/api-tests/ff/ipc/test_i015/test_i015.c
index 715a947..44a0887 100644
--- a/api-tests/ff/ipc/test_i015/test_i015.c
+++ b/api-tests/ff/ipc/test_i015/test_i015.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i015.h"
diff --git a/api-tests/ff/ipc/test_i015/test_i015.h b/api-tests/ff/ipc/test_i015/test_i015.h
index 1fd23b2..f1d4bfb 100644
--- a/api-tests/ff/ipc/test_i015/test_i015.h
+++ b/api-tests/ff/ipc/test_i015/test_i015.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST015_CLIENT_TESTS_H_
-#define _TEST015_CLIENT_TESTS_H_
+#ifndef _TEST_I015_CLIENT_TESTS_H_
+#define _TEST_I015_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i016/test_i016.c b/api-tests/ff/ipc/test_i016/test_i016.c
index 6edbbe9..a99fa3f 100644
--- a/api-tests/ff/ipc/test_i016/test_i016.c
+++ b/api-tests/ff/ipc/test_i016/test_i016.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i016.h"
diff --git a/api-tests/ff/ipc/test_i016/test_i016.h b/api-tests/ff/ipc/test_i016/test_i016.h
index 4266d47..ffb78e1 100644
--- a/api-tests/ff/ipc/test_i016/test_i016.h
+++ b/api-tests/ff/ipc/test_i016/test_i016.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST015_CLIENT_TESTS_H_
-#define _TEST015_CLIENT_TESTS_H_
+#ifndef _TEST_I015_CLIENT_TESTS_H_
+#define _TEST_I015_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i017/test_i017.c b/api-tests/ff/ipc/test_i017/test_i017.c
index 47c54d7..5a0590d 100644
--- a/api-tests/ff/ipc/test_i017/test_i017.c
+++ b/api-tests/ff/ipc/test_i017/test_i017.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i017.h"
diff --git a/api-tests/ff/ipc/test_i017/test_i017.h b/api-tests/ff/ipc/test_i017/test_i017.h
index f7801da..60e4e87 100644
--- a/api-tests/ff/ipc/test_i017/test_i017.h
+++ b/api-tests/ff/ipc/test_i017/test_i017.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST017_CLIENT_TESTS_H_
-#define _TEST017_CLIENT_TESTS_H_
+#ifndef _TEST_I017_CLIENT_TESTS_H_
+#define _TEST_I017_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i018/test_i018.c b/api-tests/ff/ipc/test_i018/test_i018.c
index 726c2b9..d23bcc9 100644
--- a/api-tests/ff/ipc/test_i018/test_i018.c
+++ b/api-tests/ff/ipc/test_i018/test_i018.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i018.h"
diff --git a/api-tests/ff/ipc/test_i018/test_i018.h b/api-tests/ff/ipc/test_i018/test_i018.h
index 7708629..f8eed0d 100644
--- a/api-tests/ff/ipc/test_i018/test_i018.h
+++ b/api-tests/ff/ipc/test_i018/test_i018.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST018_CLIENT_TESTS_H_
-#define _TEST018_CLIENT_TESTS_H_
+#ifndef _TEST_I018_CLIENT_TESTS_H_
+#define _TEST_I018_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i019/test_i019.c b/api-tests/ff/ipc/test_i019/test_i019.c
index 3e81e49..3050ba7 100644
--- a/api-tests/ff/ipc/test_i019/test_i019.c
+++ b/api-tests/ff/ipc/test_i019/test_i019.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i019.h"
diff --git a/api-tests/ff/ipc/test_i019/test_i019.h b/api-tests/ff/ipc/test_i019/test_i019.h
index 0e1ff73..39c0065 100644
--- a/api-tests/ff/ipc/test_i019/test_i019.h
+++ b/api-tests/ff/ipc/test_i019/test_i019.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST019_CLIENT_TESTS_H_
-#define _TEST019_CLIENT_TESTS_H_
+#ifndef _TEST_I019_CLIENT_TESTS_H_
+#define _TEST_I019_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i020/test_i020.c b/api-tests/ff/ipc/test_i020/test_i020.c
index 62f588d..31f3b50 100644
--- a/api-tests/ff/ipc/test_i020/test_i020.c
+++ b/api-tests/ff/ipc/test_i020/test_i020.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i020.h"
diff --git a/api-tests/ff/ipc/test_i020/test_i020.h b/api-tests/ff/ipc/test_i020/test_i020.h
index 77b4413..7b9c1eb 100644
--- a/api-tests/ff/ipc/test_i020/test_i020.h
+++ b/api-tests/ff/ipc/test_i020/test_i020.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST020_CLIENT_TESTS_H_
-#define _TEST020_CLIENT_TESTS_H_
+#ifndef _TEST_I020_CLIENT_TESTS_H_
+#define _TEST_I020_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i021/test_i021.c b/api-tests/ff/ipc/test_i021/test_i021.c
index 172fb30..42b611e 100644
--- a/api-tests/ff/ipc/test_i021/test_i021.c
+++ b/api-tests/ff/ipc/test_i021/test_i021.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i021.h"
diff --git a/api-tests/ff/ipc/test_i021/test_i021.h b/api-tests/ff/ipc/test_i021/test_i021.h
index 1d03367..4002563 100644
--- a/api-tests/ff/ipc/test_i021/test_i021.h
+++ b/api-tests/ff/ipc/test_i021/test_i021.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST021_CLIENT_TESTS_H_
-#define _TEST021_CLIENT_TESTS_H_
+#ifndef _TEST_I021_CLIENT_TESTS_H_
+#define _TEST_I021_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i022/test_i022.c b/api-tests/ff/ipc/test_i022/test_i022.c
index 1085cb0..6fc5ac5 100644
--- a/api-tests/ff/ipc/test_i022/test_i022.c
+++ b/api-tests/ff/ipc/test_i022/test_i022.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i022.h"
diff --git a/api-tests/ff/ipc/test_i022/test_i022.h b/api-tests/ff/ipc/test_i022/test_i022.h
index b5928a9..b67081f 100644
--- a/api-tests/ff/ipc/test_i022/test_i022.h
+++ b/api-tests/ff/ipc/test_i022/test_i022.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST022_CLIENT_TESTS_H_
-#define _TEST022_CLIENT_TESTS_H_
+#ifndef _TEST_I022_CLIENT_TESTS_H_
+#define _TEST_I022_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i023/test_i023.c b/api-tests/ff/ipc/test_i023/test_i023.c
index 0827544..164552a 100644
--- a/api-tests/ff/ipc/test_i023/test_i023.c
+++ b/api-tests/ff/ipc/test_i023/test_i023.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i023.h"
diff --git a/api-tests/ff/ipc/test_i023/test_i023.h b/api-tests/ff/ipc/test_i023/test_i023.h
index 812379f..b0394f1 100644
--- a/api-tests/ff/ipc/test_i023/test_i023.h
+++ b/api-tests/ff/ipc/test_i023/test_i023.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST023_CLIENT_TESTS_H_
-#define _TEST023_CLIENT_TESTS_H_
+#ifndef _TEST_I023_CLIENT_TESTS_H_
+#define _TEST_I023_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i024/test_i024.c b/api-tests/ff/ipc/test_i024/test_i024.c
index d6a8551..b8ffaab 100644
--- a/api-tests/ff/ipc/test_i024/test_i024.c
+++ b/api-tests/ff/ipc/test_i024/test_i024.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i024.h"
diff --git a/api-tests/ff/ipc/test_i024/test_i024.h b/api-tests/ff/ipc/test_i024/test_i024.h
index 3181afa..109ba86 100644
--- a/api-tests/ff/ipc/test_i024/test_i024.h
+++ b/api-tests/ff/ipc/test_i024/test_i024.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST024_CLIENT_TESTS_H_
-#define _TEST024_CLIENT_TESTS_H_
+#ifndef _TEST_I024_CLIENT_TESTS_H_
+#define _TEST_I024_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i025/test_i025.c b/api-tests/ff/ipc/test_i025/test_i025.c
index a8cd726..495247f 100644
--- a/api-tests/ff/ipc/test_i025/test_i025.c
+++ b/api-tests/ff/ipc/test_i025/test_i025.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i025.h"
diff --git a/api-tests/ff/ipc/test_i025/test_i025.h b/api-tests/ff/ipc/test_i025/test_i025.h
index cd368be..2cc58ee 100644
--- a/api-tests/ff/ipc/test_i025/test_i025.h
+++ b/api-tests/ff/ipc/test_i025/test_i025.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST025_CLIENT_TESTS_H_
-#define _TEST025_CLIENT_TESTS_H_
+#ifndef _TEST_I025_CLIENT_TESTS_H_
+#define _TEST_I025_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i026/test_i026.c b/api-tests/ff/ipc/test_i026/test_i026.c
index 2c41d18..cedc4d6 100644
--- a/api-tests/ff/ipc/test_i026/test_i026.c
+++ b/api-tests/ff/ipc/test_i026/test_i026.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i026.h"
diff --git a/api-tests/ff/ipc/test_i026/test_i026.h b/api-tests/ff/ipc/test_i026/test_i026.h
index 94e0a88..41d14db 100644
--- a/api-tests/ff/ipc/test_i026/test_i026.h
+++ b/api-tests/ff/ipc/test_i026/test_i026.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST026_CLIENT_TESTS_H_
-#define _TEST026_CLIENT_TESTS_H_
+#ifndef _TEST_I026_CLIENT_TESTS_H_
+#define _TEST_I026_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i027/test_i027.c b/api-tests/ff/ipc/test_i027/test_i027.c
index 2857132..2c69f79 100644
--- a/api-tests/ff/ipc/test_i027/test_i027.c
+++ b/api-tests/ff/ipc/test_i027/test_i027.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i027.h"
diff --git a/api-tests/ff/ipc/test_i027/test_i027.h b/api-tests/ff/ipc/test_i027/test_i027.h
index 0e87465..2996167 100644
--- a/api-tests/ff/ipc/test_i027/test_i027.h
+++ b/api-tests/ff/ipc/test_i027/test_i027.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST027_CLIENT_TESTS_H_
-#define _TEST027_CLIENT_TESTS_H_
+#ifndef _TEST_I027_CLIENT_TESTS_H_
+#define _TEST_I027_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i028/test_i028.c b/api-tests/ff/ipc/test_i028/test_i028.c
index 4d63732..0e3539f 100644
--- a/api-tests/ff/ipc/test_i028/test_i028.c
+++ b/api-tests/ff/ipc/test_i028/test_i028.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i028.h"
diff --git a/api-tests/ff/ipc/test_i028/test_i028.h b/api-tests/ff/ipc/test_i028/test_i028.h
index d8adfe9..8368fa1 100644
--- a/api-tests/ff/ipc/test_i028/test_i028.h
+++ b/api-tests/ff/ipc/test_i028/test_i028.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST028_CLIENT_TESTS_H_
-#define _TEST028_CLIENT_TESTS_H_
+#ifndef _TEST_I028_CLIENT_TESTS_H_
+#define _TEST_I028_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i029/test_i029.c b/api-tests/ff/ipc/test_i029/test_i029.c
index b867eb7..69f3c51 100644
--- a/api-tests/ff/ipc/test_i029/test_i029.c
+++ b/api-tests/ff/ipc/test_i029/test_i029.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i029.h"
diff --git a/api-tests/ff/ipc/test_i029/test_i029.h b/api-tests/ff/ipc/test_i029/test_i029.h
index 01cc7bf..14119bc 100644
--- a/api-tests/ff/ipc/test_i029/test_i029.h
+++ b/api-tests/ff/ipc/test_i029/test_i029.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST029_CLIENT_TESTS_H_
-#define _TEST029_CLIENT_TESTS_H_
+#ifndef _TEST_I029_CLIENT_TESTS_H_
+#define _TEST_I029_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i030/test_i030.c b/api-tests/ff/ipc/test_i030/test_i030.c
index 6b383ed..3a4a767 100644
--- a/api-tests/ff/ipc/test_i030/test_i030.c
+++ b/api-tests/ff/ipc/test_i030/test_i030.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i030.h"
diff --git a/api-tests/ff/ipc/test_i030/test_i030.h b/api-tests/ff/ipc/test_i030/test_i030.h
index 641195b..fafb2a8 100644
--- a/api-tests/ff/ipc/test_i030/test_i030.h
+++ b/api-tests/ff/ipc/test_i030/test_i030.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST030_CLIENT_TESTS_H_
-#define _TEST030_CLIENT_TESTS_H_
+#ifndef _TEST_I030_CLIENT_TESTS_H_
+#define _TEST_I030_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i031/test_i031.c b/api-tests/ff/ipc/test_i031/test_i031.c
index d802d18..ffa5a7c 100644
--- a/api-tests/ff/ipc/test_i031/test_i031.c
+++ b/api-tests/ff/ipc/test_i031/test_i031.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i031.h"
diff --git a/api-tests/ff/ipc/test_i031/test_i031.h b/api-tests/ff/ipc/test_i031/test_i031.h
index 632288d..ceb16f8 100644
--- a/api-tests/ff/ipc/test_i031/test_i031.h
+++ b/api-tests/ff/ipc/test_i031/test_i031.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST031_CLIENT_TESTS_H_
-#define _TEST031_CLIENT_TESTS_H_
+#ifndef _TEST_I031_CLIENT_TESTS_H_
+#define _TEST_I031_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i032/test_i032.c b/api-tests/ff/ipc/test_i032/test_i032.c
index f8b7adc..712254b 100644
--- a/api-tests/ff/ipc/test_i032/test_i032.c
+++ b/api-tests/ff/ipc/test_i032/test_i032.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i032.h"
diff --git a/api-tests/ff/ipc/test_i032/test_i032.h b/api-tests/ff/ipc/test_i032/test_i032.h
index 474ceee..8ea8bd4 100644
--- a/api-tests/ff/ipc/test_i032/test_i032.h
+++ b/api-tests/ff/ipc/test_i032/test_i032.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST032_CLIENT_TESTS_H_
-#define _TEST032_CLIENT_TESTS_H_
+#ifndef _TEST_I032_CLIENT_TESTS_H_
+#define _TEST_I032_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i033/test_i033.c b/api-tests/ff/ipc/test_i033/test_i033.c
index 4eed653..68e35bc 100644
--- a/api-tests/ff/ipc/test_i033/test_i033.c
+++ b/api-tests/ff/ipc/test_i033/test_i033.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i033.h"
diff --git a/api-tests/ff/ipc/test_i033/test_i033.h b/api-tests/ff/ipc/test_i033/test_i033.h
index a0ea1e8..2c65273 100644
--- a/api-tests/ff/ipc/test_i033/test_i033.h
+++ b/api-tests/ff/ipc/test_i033/test_i033.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST033_CLIENT_TESTS_H_
-#define _TEST033_CLIENT_TESTS_H_
+#ifndef _TEST_I033_CLIENT_TESTS_H_
+#define _TEST_I033_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i034/test_i034.c b/api-tests/ff/ipc/test_i034/test_i034.c
index 4fa1bbe..d57057b 100644
--- a/api-tests/ff/ipc/test_i034/test_i034.c
+++ b/api-tests/ff/ipc/test_i034/test_i034.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i034.h"
diff --git a/api-tests/ff/ipc/test_i034/test_i034.h b/api-tests/ff/ipc/test_i034/test_i034.h
index 837288d..2a7be62 100644
--- a/api-tests/ff/ipc/test_i034/test_i034.h
+++ b/api-tests/ff/ipc/test_i034/test_i034.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST034_CLIENT_TESTS_H_
-#define _TEST034_CLIENT_TESTS_H_
+#ifndef _TEST_I034_CLIENT_TESTS_H_
+#define _TEST_I034_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i035/test_i035.c b/api-tests/ff/ipc/test_i035/test_i035.c
index 11c58de..401d292 100644
--- a/api-tests/ff/ipc/test_i035/test_i035.c
+++ b/api-tests/ff/ipc/test_i035/test_i035.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i035.h"
diff --git a/api-tests/ff/ipc/test_i035/test_i035.h b/api-tests/ff/ipc/test_i035/test_i035.h
index af771cf..4866463 100644
--- a/api-tests/ff/ipc/test_i035/test_i035.h
+++ b/api-tests/ff/ipc/test_i035/test_i035.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST035_CLIENT_TESTS_H_
-#define _TEST035_CLIENT_TESTS_H_
+#ifndef _TEST_I035_CLIENT_TESTS_H_
+#define _TEST_I035_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i036/test_i036.c b/api-tests/ff/ipc/test_i036/test_i036.c
index 9945161..0daf635 100644
--- a/api-tests/ff/ipc/test_i036/test_i036.c
+++ b/api-tests/ff/ipc/test_i036/test_i036.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i036.h"
diff --git a/api-tests/ff/ipc/test_i036/test_i036.h b/api-tests/ff/ipc/test_i036/test_i036.h
index 9b4ef64..6c18e60 100644
--- a/api-tests/ff/ipc/test_i036/test_i036.h
+++ b/api-tests/ff/ipc/test_i036/test_i036.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST036_CLIENT_TESTS_H_
-#define _TEST036_CLIENT_TESTS_H_
+#ifndef _TEST_I036_CLIENT_TESTS_H_
+#define _TEST_I036_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i037/test_i037.c b/api-tests/ff/ipc/test_i037/test_i037.c
index 537e525..8a0d821 100644
--- a/api-tests/ff/ipc/test_i037/test_i037.c
+++ b/api-tests/ff/ipc/test_i037/test_i037.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i037.h"
diff --git a/api-tests/ff/ipc/test_i037/test_i037.h b/api-tests/ff/ipc/test_i037/test_i037.h
index 0ced907..4dde872 100644
--- a/api-tests/ff/ipc/test_i037/test_i037.h
+++ b/api-tests/ff/ipc/test_i037/test_i037.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST037_CLIENT_TESTS_H_
-#define _TEST037_CLIENT_TESTS_H_
+#ifndef _TEST_I037_CLIENT_TESTS_H_
+#define _TEST_I037_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i038/test_i038.c b/api-tests/ff/ipc/test_i038/test_i038.c
index 468d106..98dd4a0 100644
--- a/api-tests/ff/ipc/test_i038/test_i038.c
+++ b/api-tests/ff/ipc/test_i038/test_i038.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i038.h"
diff --git a/api-tests/ff/ipc/test_i038/test_i038.h b/api-tests/ff/ipc/test_i038/test_i038.h
index a8b99e3..3579803 100644
--- a/api-tests/ff/ipc/test_i038/test_i038.h
+++ b/api-tests/ff/ipc/test_i038/test_i038.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST038_CLIENT_TESTS_H_
-#define _TEST038_CLIENT_TESTS_H_
+#ifndef _TEST_I038_CLIENT_TESTS_H_
+#define _TEST_I038_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i039/test_i039.c b/api-tests/ff/ipc/test_i039/test_i039.c
index b2f4de4..2db39ae 100644
--- a/api-tests/ff/ipc/test_i039/test_i039.c
+++ b/api-tests/ff/ipc/test_i039/test_i039.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i039.h"
diff --git a/api-tests/ff/ipc/test_i039/test_i039.h b/api-tests/ff/ipc/test_i039/test_i039.h
index 5a87b2e..853a11a 100644
--- a/api-tests/ff/ipc/test_i039/test_i039.h
+++ b/api-tests/ff/ipc/test_i039/test_i039.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST039_CLIENT_TESTS_H_
-#define _TEST039_CLIENT_TESTS_H_
+#ifndef _TEST_I039_CLIENT_TESTS_H_
+#define _TEST_I039_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i040/test_i040.c b/api-tests/ff/ipc/test_i040/test_i040.c
index 0592200..ec02067 100644
--- a/api-tests/ff/ipc/test_i040/test_i040.c
+++ b/api-tests/ff/ipc/test_i040/test_i040.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i040.h"
diff --git a/api-tests/ff/ipc/test_i040/test_i040.h b/api-tests/ff/ipc/test_i040/test_i040.h
index 2e472ac..6a341a4 100644
--- a/api-tests/ff/ipc/test_i040/test_i040.h
+++ b/api-tests/ff/ipc/test_i040/test_i040.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST040_CLIENT_TESTS_H_
-#define _TEST040_CLIENT_TESTS_H_
+#ifndef _TEST_I040_CLIENT_TESTS_H_
+#define _TEST_I040_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i041/test_i041.c b/api-tests/ff/ipc/test_i041/test_i041.c
index 289fbf6..a4275a9 100644
--- a/api-tests/ff/ipc/test_i041/test_i041.c
+++ b/api-tests/ff/ipc/test_i041/test_i041.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i041.h"
diff --git a/api-tests/ff/ipc/test_i041/test_i041.h b/api-tests/ff/ipc/test_i041/test_i041.h
index 7ae2384..2dbd15f 100644
--- a/api-tests/ff/ipc/test_i041/test_i041.h
+++ b/api-tests/ff/ipc/test_i041/test_i041.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST041_CLIENT_TESTS_H_
-#define _TEST041_CLIENT_TESTS_H_
+#ifndef _TEST_I041_CLIENT_TESTS_H_
+#define _TEST_I041_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i042/test_i042.c b/api-tests/ff/ipc/test_i042/test_i042.c
index ff56a63..4c7652e 100644
--- a/api-tests/ff/ipc/test_i042/test_i042.c
+++ b/api-tests/ff/ipc/test_i042/test_i042.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i042.h"
diff --git a/api-tests/ff/ipc/test_i042/test_i042.h b/api-tests/ff/ipc/test_i042/test_i042.h
index 697434a..cbbffc4 100644
--- a/api-tests/ff/ipc/test_i042/test_i042.h
+++ b/api-tests/ff/ipc/test_i042/test_i042.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST042_CLIENT_TESTS_H_
-#define _TEST042_CLIENT_TESTS_H_
+#ifndef _TEST_I042_CLIENT_TESTS_H_
+#define _TEST_I042_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i043/test_i043.c b/api-tests/ff/ipc/test_i043/test_i043.c
index 24ee058..6bebfe3 100644
--- a/api-tests/ff/ipc/test_i043/test_i043.c
+++ b/api-tests/ff/ipc/test_i043/test_i043.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i043.h"
diff --git a/api-tests/ff/ipc/test_i043/test_i043.h b/api-tests/ff/ipc/test_i043/test_i043.h
index d58b906..efa051e 100644
--- a/api-tests/ff/ipc/test_i043/test_i043.h
+++ b/api-tests/ff/ipc/test_i043/test_i043.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST043_CLIENT_TESTS_H_
-#define _TEST043_CLIENT_TESTS_H_
+#ifndef _TEST_I043_CLIENT_TESTS_H_
+#define _TEST_I043_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i044/test_i044.c b/api-tests/ff/ipc/test_i044/test_i044.c
index ff3962a..17289e1 100644
--- a/api-tests/ff/ipc/test_i044/test_i044.c
+++ b/api-tests/ff/ipc/test_i044/test_i044.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i044.h"
diff --git a/api-tests/ff/ipc/test_i044/test_i044.h b/api-tests/ff/ipc/test_i044/test_i044.h
index 1facf14..af30852 100644
--- a/api-tests/ff/ipc/test_i044/test_i044.h
+++ b/api-tests/ff/ipc/test_i044/test_i044.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST044_CLIENT_TESTS_H_
-#define _TEST044_CLIENT_TESTS_H_
+#ifndef _TEST_I044_CLIENT_TESTS_H_
+#define _TEST_I044_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i045/test_i045.c b/api-tests/ff/ipc/test_i045/test_i045.c
index ba6a31c..3b15f96 100644
--- a/api-tests/ff/ipc/test_i045/test_i045.c
+++ b/api-tests/ff/ipc/test_i045/test_i045.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i045.h"
diff --git a/api-tests/ff/ipc/test_i045/test_i045.h b/api-tests/ff/ipc/test_i045/test_i045.h
index 809721c..452ab20 100644
--- a/api-tests/ff/ipc/test_i045/test_i045.h
+++ b/api-tests/ff/ipc/test_i045/test_i045.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST045_CLIENT_TESTS_H_
-#define _TEST045_CLIENT_TESTS_H_
+#ifndef _TEST_I045_CLIENT_TESTS_H_
+#define _TEST_I045_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i046/test_i046.c b/api-tests/ff/ipc/test_i046/test_i046.c
index 23c192f..0613969 100644
--- a/api-tests/ff/ipc/test_i046/test_i046.c
+++ b/api-tests/ff/ipc/test_i046/test_i046.c
@@ -19,8 +19,8 @@
#include "val_interfaces.h"
#include "val_target.h"
#else
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
#endif
#include "test_i046.h"
diff --git a/api-tests/ff/ipc/test_i046/test_i046.h b/api-tests/ff/ipc/test_i046/test_i046.h
index 4646137..874be97 100644
--- a/api-tests/ff/ipc/test_i046/test_i046.h
+++ b/api-tests/ff/ipc/test_i046/test_i046.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -14,8 +14,8 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
-#ifndef _TEST046_CLIENT_TESTS_H_
-#define _TEST046_CLIENT_TESTS_H_
+#ifndef _TEST_I046_CLIENT_TESTS_H_
+#define _TEST_I046_CLIENT_TESTS_H_
#include "val_client_defs.h"
diff --git a/api-tests/ff/ipc/test_i047/source.mk b/api-tests/ff/ipc/test_i047/source.mk
new file mode 100644
index 0000000..2ac49eb
--- /dev/null
+++ b/api-tests/ff/ipc/test_i047/source.mk
@@ -0,0 +1,25 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i047.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
+
+CC_SOURCE_SPE = test_i047.c test_supp_i047.c
+CC_OPTIONS_SPE =
+AS_SOURCE_SPE =
+AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i047/test_entry.c b/api-tests/ff/ipc/test_i047/test_entry.c
new file mode 100644
index 0000000..432452a
--- /dev/null
+++ b/api-tests/ff/ipc/test_i047/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i047.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 47)
+#define TEST_DESC "Testing psa_get with invalid msg pointer\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i047_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/ff/ipc/test_i047/test_i047.c b/api-tests/ff/ipc/test_i047/test_i047.c
new file mode 100644
index 0000000..989c6b0
--- /dev/null
+++ b/api-tests/ff/ipc/test_i047/test_i047.c
@@ -0,0 +1,52 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val_client_defs.h"
+#include "val_partition_common.h"
+#endif
+
+#include "test_i047.h"
+
+client_test_t test_i047_client_tests_list[] = {
+ NULL,
+ client_test_psa_get_with_invalid_msg_pointer,
+ NULL,
+};
+
+int32_t client_test_psa_get_with_invalid_msg_pointer(security_t caller)
+{
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST,
+ "[Check1] Test psa_get with invalid msg pointer\n", 0);
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ if (handle > 0)
+ {
+ psa->close(handle);
+ }
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tpsa_connect should failed but successed\n", 0);
+
+ (void)(handle);
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/api-tests/ff/ipc/test_i047/test_i047.h b/api-tests/ff/ipc/test_i047/test_i047.h
new file mode 100644
index 0000000..a062df4
--- /dev/null
+++ b/api-tests/ff/ipc/test_i047/test_i047.h
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_I047_CLIENT_TESTS_H_
+#define _TEST_I047_CLIENT_TESTS_H_
+
+#include "val_client_defs.h"
+
+#ifdef NONSECURE_TEST_BUILD
+#define test_entry CONCAT(test_entry_,i047)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+#else
+#define val CONCAT(val,_client_sp)
+#define psa CONCAT(psa,_client_sp)
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i047_client_tests_list[];
+
+int32_t client_test_psa_get_with_invalid_msg_pointer(security_t);
+#endif
diff --git a/api-tests/ff/ipc/test_i047/test_supp_i047.c b/api-tests/ff/ipc/test_i047/test_supp_i047.c
new file mode 100644
index 0000000..b41aa97
--- /dev/null
+++ b/api-tests/ff/ipc/test_i047/test_supp_i047.c
@@ -0,0 +1,111 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+
+int32_t server_test_psa_get_with_invalid_msg_pointer(void);
+
+server_test_t test_i047_server_tests_list[] = {
+ NULL,
+ server_test_psa_get_with_invalid_msg_pointer,
+ NULL,
+};
+
+int32_t server_test_psa_get_with_invalid_msg_pointer(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_signal_t signals = 0;
+ psa_msg_t *invalid_msg = NULL;
+ miscellaneous_desc_t *misc_desc;
+ memory_desc_t *memory_desc;
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ signals = psa_wait(SERVER_UNSPECIFED_MINOR_V_SIG, PSA_BLOCK);
+ if ((signals & SERVER_UNSPECIFED_MINOR_V_SIG) == 0)
+ {
+ val_print(PRINT_ERROR,
+ "psa_wait returned with invalid signal value = 0x%x\n", signals);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Selection of invalid msg pointer:
+ * if (ISOLATION_LEVEL > 1)
+ * msg_pointer = driver_mmio_region_base;
+ * else
+ * msg_pointer = NULL;
+ */
+
+ status = val_target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MISCELLANEOUS,
+ MISCELLANEOUS_DUT, 0),
+ (uint8_t **)&misc_desc,
+ (uint32_t *)sizeof(miscellaneous_desc_t));
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ return status;
+ }
+
+ if (misc_desc->implemented_psa_firmware_isolation_level > LEVEL1)
+ {
+ status = val_target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MEMORY,
+ MEMORY_DRIVER_PARTITION_MMIO, 0),
+ (uint8_t **)&memory_desc,
+ (uint32_t *)sizeof(memory_desc_t));
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ return status;
+ }
+
+ invalid_msg = (psa_msg_t *) memory_desc->start;
+ }
+
+ /* Setting boot.state before test check */
+ if (val_set_boot_flag(BOOT_EXPECTED_NS))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* psa_get with invalid msg pointer */
+ psa_get(SERVER_UNSPECIFED_MINOR_V_SIG, invalid_msg);
+
+ /* shouldn't have reached here */
+ val_print(PRINT_ERROR,
+ "\tpsa_get with invalid msg pointer should failed but successed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ /* Reject the connection */
+ psa_reply(invalid_msg->handle, PSA_CONNECTION_REFUSED);
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/api-tests/ff/ipc/test_i048/source.mk b/api-tests/ff/ipc/test_i048/source.mk
new file mode 100644
index 0000000..6f4b483
--- /dev/null
+++ b/api-tests/ff/ipc/test_i048/source.mk
@@ -0,0 +1,25 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i048.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
+
+CC_SOURCE_SPE = test_i048.c test_supp_i048.c
+CC_OPTIONS_SPE =
+AS_SOURCE_SPE =
+AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i048/test_entry.c b/api-tests/ff/ipc/test_i048/test_entry.c
new file mode 100644
index 0000000..0ecbaaa
--- /dev/null
+++ b/api-tests/ff/ipc/test_i048/test_entry.c
@@ -0,0 +1,59 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i048.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 48)
+#define TEST_DESC "Testing psa_call with invalid address for in_vec\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i048_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+ /* Switch to secure side (client_partition.c) and execute list of tests available in
+ test[num]_client_tests_list from Secure side */
+ status = val->switch_to_secure_client(TEST_NUM);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/ff/ipc/test_i048/test_i048.c b/api-tests/ff/ipc/test_i048/test_i048.c
new file mode 100644
index 0000000..718236f
--- /dev/null
+++ b/api-tests/ff/ipc/test_i048/test_i048.c
@@ -0,0 +1,132 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val_client_defs.h"
+#include "val_partition_common.h"
+#endif
+
+#include "test_i048.h"
+
+client_test_t test_i048_client_tests_list[] = {
+ NULL,
+ client_test_psa_call_with_invalid_invec_pointer,
+ NULL,
+};
+
+int32_t client_test_psa_call_with_invalid_invec_pointer(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call;
+ boot_state_t boot_state;
+ miscellaneous_desc_t *misc_desc;
+ memory_desc_t *memory_desc;
+ psa_invec *invalid_invec = NULL;
+
+ val->print(PRINT_TEST,
+ "[Check1] Test psa_call with invalid address for in_vec\n", 0);
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+
+ if (handle < 0)
+ {
+ val->print(PRINT_ERROR, "\tConnection failed\n", 0);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ /* Selection of invalid invec pointer:
+ * if caller == NONSECURE
+ * // PSA RoT pointer
+ * invec_pointer = driver_mmio_region_base;
+ * else
+ * if (ISOLATION_LEVEL > 1)
+ * invec_pointer = driver_mmio_region_base;
+ * else
+ * invec_pointer = NULL;
+ */
+
+ status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MEMORY,
+ MEMORY_DRIVER_PARTITION_MMIO, 0),
+ (uint8_t **)&memory_desc,
+ (uint32_t *)sizeof(memory_desc_t));
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(101), status))
+ {
+ psa->close(handle);
+ return status;
+ }
+
+ if (caller == NONSECURE)
+ invalid_invec = (psa_invec *) memory_desc->start;
+ else
+ {
+ status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MISCELLANEOUS,
+ MISCELLANEOUS_DUT, 0),
+ (uint8_t **)&misc_desc,
+ (uint32_t *)sizeof(miscellaneous_desc_t));
+
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(102), status))
+ {
+ psa->close(handle);
+ return status;
+ }
+
+ if (misc_desc->implemented_psa_firmware_isolation_level > LEVEL1)
+ invalid_invec = (psa_invec *) memory_desc->start;
+ }
+
+ /* Setting boot.state before test check */
+ boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ if (val->set_boot_flag(boot_state))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Test check- psa_call with invalid address for in_vec */
+ status_of_call = psa->call(handle, invalid_invec, 1, NULL, 0);
+
+ /* Expectation is psa_call should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tpsa_call should failed but successed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ psa->close(handle);
+ (void)(status_of_call);
+ return status;
+}
diff --git a/api-tests/ff/ipc/test_i048/test_i048.h b/api-tests/ff/ipc/test_i048/test_i048.h
new file mode 100644
index 0000000..ee38e79
--- /dev/null
+++ b/api-tests/ff/ipc/test_i048/test_i048.h
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_I048_CLIENT_TESTS_H_
+#define _TEST_I048_CLIENT_TESTS_H_
+
+#include "val_client_defs.h"
+
+#ifdef NONSECURE_TEST_BUILD
+#define test_entry CONCAT(test_entry_,i048)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+#else
+#define val CONCAT(val,_client_sp)
+#define psa CONCAT(psa,_client_sp)
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i048_client_tests_list[];
+
+int32_t client_test_psa_call_with_invalid_invec_pointer(security_t);
+#endif
diff --git a/api-tests/ff/ipc/test_i048/test_supp_i048.c b/api-tests/ff/ipc/test_i048/test_supp_i048.c
new file mode 100644
index 0000000..5384990
--- /dev/null
+++ b/api-tests/ff/ipc/test_i048/test_supp_i048.c
@@ -0,0 +1,52 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_call_with_invalid_invec_pointer(void);
+
+server_test_t test_i048_server_tests_list[] = {
+ NULL,
+ server_test_psa_call_with_invalid_invec_pointer,
+ NULL,
+};
+
+int32_t server_test_psa_call_with_invalid_invec_pointer(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+
+ /* Control shouldn't have come here */
+ val_print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
+ psa_reply(msg.handle, -2);
+
+ val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/api-tests/ff/ipc/test_i049/source.mk b/api-tests/ff/ipc/test_i049/source.mk
new file mode 100644
index 0000000..6d6a3f4
--- /dev/null
+++ b/api-tests/ff/ipc/test_i049/source.mk
@@ -0,0 +1,25 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i049.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
+
+CC_SOURCE_SPE = test_i049.c test_supp_i049.c
+CC_OPTIONS_SPE =
+AS_SOURCE_SPE =
+AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i049/test_entry.c b/api-tests/ff/ipc/test_i049/test_entry.c
new file mode 100644
index 0000000..d722587
--- /dev/null
+++ b/api-tests/ff/ipc/test_i049/test_entry.c
@@ -0,0 +1,59 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i049.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 49)
+#define TEST_DESC "Testing psa_call with invalid address for outvec\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i049_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+ /* Switch to secure side (client_partition.c) and execute list of tests available in
+ test[num]_client_tests_list from Secure side */
+ status = val->switch_to_secure_client(TEST_NUM);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/ff/ipc/test_i049/test_i049.c b/api-tests/ff/ipc/test_i049/test_i049.c
new file mode 100644
index 0000000..01999df
--- /dev/null
+++ b/api-tests/ff/ipc/test_i049/test_i049.c
@@ -0,0 +1,132 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val_client_defs.h"
+#include "val_partition_common.h"
+#endif
+
+#include "test_i049.h"
+
+client_test_t test_i049_client_tests_list[] = {
+ NULL,
+ client_test_psa_call_with_invalid_outvec_pointer,
+ NULL,
+};
+
+int32_t client_test_psa_call_with_invalid_outvec_pointer(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call;
+ boot_state_t boot_state;
+ miscellaneous_desc_t *misc_desc;
+ memory_desc_t *memory_desc;
+ psa_outvec *invalid_outvec = NULL;
+
+ val->print(PRINT_TEST,
+ "[Check1] Test psa_call with invalid address for outvec\n", 0);
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+
+ if (handle < 0)
+ {
+ val->print(PRINT_ERROR, "\tConnection failed\n", 0);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ /* Selection of invalid outvec pointer:
+ * if caller == NONSECURE
+ * // PSA RoT pointer
+ * outvec_pointer = driver_mmio_region_base;
+ * else
+ * if (ISOLATION_LEVEL > 1)
+ * outvec_pointer = driver_mmio_region_base;
+ * else
+ * outvec_pointer = NULL;
+ */
+
+ status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MEMORY,
+ MEMORY_DRIVER_PARTITION_MMIO, 0),
+ (uint8_t **)&memory_desc,
+ (uint32_t *)sizeof(memory_desc_t));
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(101), status))
+ {
+ psa->close(handle);
+ return status;
+ }
+
+ if (caller == NONSECURE)
+ invalid_outvec = (psa_outvec *) memory_desc->start;
+ else
+ {
+ status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MISCELLANEOUS,
+ MISCELLANEOUS_DUT, 0),
+ (uint8_t **)&misc_desc,
+ (uint32_t *)sizeof(miscellaneous_desc_t));
+
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(102), status))
+ {
+ psa->close(handle);
+ return status;
+ }
+
+ if (misc_desc->implemented_psa_firmware_isolation_level > LEVEL1)
+ invalid_outvec = (psa_outvec *) memory_desc->start;
+ }
+
+ /* Setting boot.state before test check */
+ boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ if (val->set_boot_flag(boot_state))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Test check- psa_call with invalid address for outvec */
+ status_of_call = psa->call(handle, NULL, 0, invalid_outvec, 1);
+
+ /* Expectation is psa_call should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tpsa_call should failed but successed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ psa->close(handle);
+ (void)(status_of_call);
+ return status;
+}
diff --git a/api-tests/ff/ipc/test_i049/test_i049.h b/api-tests/ff/ipc/test_i049/test_i049.h
new file mode 100644
index 0000000..8a1e8d0
--- /dev/null
+++ b/api-tests/ff/ipc/test_i049/test_i049.h
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_I049_CLIENT_TESTS_H_
+#define _TEST_I049_CLIENT_TESTS_H_
+
+#include "val_client_defs.h"
+
+#ifdef NONSECURE_TEST_BUILD
+#define test_entry CONCAT(test_entry_,i049)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+#else
+#define val CONCAT(val,_client_sp)
+#define psa CONCAT(psa,_client_sp)
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i049_client_tests_list[];
+
+int32_t client_test_psa_call_with_invalid_outvec_pointer(security_t);
+#endif
diff --git a/api-tests/ff/ipc/test_i049/test_supp_i049.c b/api-tests/ff/ipc/test_i049/test_supp_i049.c
new file mode 100644
index 0000000..73e5d68
--- /dev/null
+++ b/api-tests/ff/ipc/test_i049/test_supp_i049.c
@@ -0,0 +1,52 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_call_with_invalid_outvec_pointer(void);
+
+server_test_t test_i049_server_tests_list[] = {
+ NULL,
+ server_test_psa_call_with_invalid_outvec_pointer,
+ NULL,
+};
+
+int32_t server_test_psa_call_with_invalid_outvec_pointer(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+
+ /* Control shouldn't have come here */
+ val_print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
+ psa_reply(msg.handle, -2);
+
+ val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/api-tests/ff/ipc/test_i050/source.mk b/api-tests/ff/ipc/test_i050/source.mk
new file mode 100644
index 0000000..790c1cc
--- /dev/null
+++ b/api-tests/ff/ipc/test_i050/source.mk
@@ -0,0 +1,25 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i050.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
+
+CC_SOURCE_SPE = test_i050.c test_supp_i050.c
+CC_OPTIONS_SPE =
+AS_SOURCE_SPE =
+AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i050/test_entry.c b/api-tests/ff/ipc/test_i050/test_entry.c
new file mode 100644
index 0000000..c71b575
--- /dev/null
+++ b/api-tests/ff/ipc/test_i050/test_entry.c
@@ -0,0 +1,59 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i050.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 50)
+#define TEST_DESC "Testing psa_call with invalid psa_invec.base\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i050_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+ /* Switch to secure side (client_partition.c) and execute list of tests available in
+ test[num]_client_tests_list from Secure side */
+ status = val->switch_to_secure_client(TEST_NUM);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/ff/ipc/test_i050/test_i050.c b/api-tests/ff/ipc/test_i050/test_i050.c
new file mode 100644
index 0000000..bf5fd21
--- /dev/null
+++ b/api-tests/ff/ipc/test_i050/test_i050.c
@@ -0,0 +1,134 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val_client_defs.h"
+#include "val_partition_common.h"
+#endif
+
+#include "test_i050.h"
+
+client_test_t test_i050_client_tests_list[] = {
+ NULL,
+ client_test_psa_call_with_invalid_invec_base,
+ NULL,
+};
+
+int32_t client_test_psa_call_with_invalid_invec_base(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call;
+ boot_state_t boot_state;
+ miscellaneous_desc_t *misc_desc;
+ memory_desc_t *memory_desc;
+ addr_t *invalid_base = NULL;
+
+ val->print(PRINT_TEST,
+ "[Check1] Test psa_call with invalid psa_invec.base\n", 0);
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+
+ if (handle < 0)
+ {
+ val->print(PRINT_ERROR, "\tConnection failed\n", 0);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ /* Selection of invalid invec pointer:
+ * if caller == NONSECURE
+ * // PSA RoT pointer
+ * invalid_base = driver_mmio_region_base;
+ * else
+ * if (ISOLATION_LEVEL > 1)
+ * invalid_base = driver_mmio_region_base;
+ * else
+ * invalid_base = NULL;
+ */
+
+ status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MEMORY,
+ MEMORY_DRIVER_PARTITION_MMIO, 0),
+ (uint8_t **)&memory_desc,
+ (uint32_t *)sizeof(memory_desc_t));
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(101), status))
+ {
+ psa->close(handle);
+ return status;
+ }
+
+ if (caller == NONSECURE)
+ invalid_base = (addr_t *) memory_desc->start;
+ else
+ {
+ status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MISCELLANEOUS,
+ MISCELLANEOUS_DUT, 0),
+ (uint8_t **)&misc_desc,
+ (uint32_t *)sizeof(miscellaneous_desc_t));
+
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(102), status))
+ {
+ psa->close(handle);
+ return status;
+ }
+
+ if (misc_desc->implemented_psa_firmware_isolation_level > LEVEL1)
+ invalid_base = (addr_t *) memory_desc->start;
+ }
+
+ /* Setting boot.state before test check */
+ boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ if (val->set_boot_flag(boot_state))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ psa_invec invec[1] = {{invalid_base, sizeof(addr_t)}};
+
+ /* Test check- psa_call with invalid address for psa_invec.base */
+ status_of_call = psa->call(handle, invec, 1, NULL, 0);
+
+ /* Expectation is psa_call should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tpsa_call should failed but successed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ psa->close(handle);
+ (void)(status_of_call);
+ return status;
+}
diff --git a/api-tests/ff/ipc/test_i050/test_i050.h b/api-tests/ff/ipc/test_i050/test_i050.h
new file mode 100644
index 0000000..c31a349
--- /dev/null
+++ b/api-tests/ff/ipc/test_i050/test_i050.h
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_I050_CLIENT_TESTS_H_
+#define _TEST_I050_CLIENT_TESTS_H_
+
+#include "val_client_defs.h"
+
+#ifdef NONSECURE_TEST_BUILD
+#define test_entry CONCAT(test_entry_,i050)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+#else
+#define val CONCAT(val,_client_sp)
+#define psa CONCAT(psa,_client_sp)
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i050_client_tests_list[];
+
+int32_t client_test_psa_call_with_invalid_invec_base(security_t);
+#endif
diff --git a/api-tests/ff/ipc/test_i050/test_supp_i050.c b/api-tests/ff/ipc/test_i050/test_supp_i050.c
new file mode 100644
index 0000000..e1b2979
--- /dev/null
+++ b/api-tests/ff/ipc/test_i050/test_supp_i050.c
@@ -0,0 +1,52 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_call_with_invalid_invec_base(void);
+
+server_test_t test_i050_server_tests_list[] = {
+ NULL,
+ server_test_psa_call_with_invalid_invec_base,
+ NULL,
+};
+
+int32_t server_test_psa_call_with_invalid_invec_base(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+
+ /* Control shouldn't have come here */
+ val_print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
+ psa_reply(msg.handle, -2);
+
+ val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/api-tests/ff/ipc/test_i051/source.mk b/api-tests/ff/ipc/test_i051/source.mk
new file mode 100644
index 0000000..70d114a
--- /dev/null
+++ b/api-tests/ff/ipc/test_i051/source.mk
@@ -0,0 +1,25 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i051.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
+
+CC_SOURCE_SPE = test_i051.c test_supp_i051.c
+CC_OPTIONS_SPE =
+AS_SOURCE_SPE =
+AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i051/test_entry.c b/api-tests/ff/ipc/test_i051/test_entry.c
new file mode 100644
index 0000000..f12987d
--- /dev/null
+++ b/api-tests/ff/ipc/test_i051/test_entry.c
@@ -0,0 +1,59 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i051.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 51)
+#define TEST_DESC "Testing psa_call with invalid psa_outvec.base\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i051_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+ /* Switch to secure side (client_partition.c) and execute list of tests available in
+ test[num]_client_tests_list from Secure side */
+ status = val->switch_to_secure_client(TEST_NUM);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/ff/ipc/test_i051/test_i051.c b/api-tests/ff/ipc/test_i051/test_i051.c
new file mode 100644
index 0000000..3b4a726
--- /dev/null
+++ b/api-tests/ff/ipc/test_i051/test_i051.c
@@ -0,0 +1,134 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val_client_defs.h"
+#include "val_partition_common.h"
+#endif
+
+#include "test_i051.h"
+
+client_test_t test_i051_client_tests_list[] = {
+ NULL,
+ client_test_psa_call_with_invalid_outvec_base,
+ NULL,
+};
+
+int32_t client_test_psa_call_with_invalid_outvec_base(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call;
+ boot_state_t boot_state;
+ miscellaneous_desc_t *misc_desc;
+ memory_desc_t *memory_desc;
+ addr_t *invalid_base = NULL;
+
+ val->print(PRINT_TEST,
+ "[Check1] Test psa_call with invalid psa_outvec.base\n", 0);
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+
+ if (handle < 0)
+ {
+ val->print(PRINT_ERROR, "\tConnection failed\n", 0);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ /* Selection of invalid outvec pointer:
+ * if caller == NONSECURE
+ * // PSA RoT pointer
+ * invalid_base = driver_mmio_region_base;
+ * else
+ * if (ISOLATION_LEVEL > 1)
+ * invalid_base = driver_mmio_region_base;
+ * else
+ * invalid_base = NULL;
+ */
+
+ status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MEMORY,
+ MEMORY_DRIVER_PARTITION_MMIO, 0),
+ (uint8_t **)&memory_desc,
+ (uint32_t *)sizeof(memory_desc_t));
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(101), status))
+ {
+ psa->close(handle);
+ return status;
+ }
+
+ if (caller == NONSECURE)
+ invalid_base = (addr_t *) memory_desc->start;
+ else
+ {
+ status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MISCELLANEOUS,
+ MISCELLANEOUS_DUT, 0),
+ (uint8_t **)&misc_desc,
+ (uint32_t *)sizeof(miscellaneous_desc_t));
+
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(102), status))
+ {
+ psa->close(handle);
+ return status;
+ }
+
+ if (misc_desc->implemented_psa_firmware_isolation_level > LEVEL1)
+ invalid_base = (addr_t *) memory_desc->start;
+ }
+
+ /* Setting boot.state before test check */
+ boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ if (val->set_boot_flag(boot_state))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ psa_outvec outvec[1] = {{invalid_base, sizeof(addr_t)}};
+
+ /* Test check- psa_call with invalid address for psa_outvec.base */
+ status_of_call = psa->call(handle, NULL, 0, outvec, 0);
+
+ /* Expectation is psa_call should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tpsa_call should failed but successed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ psa->close(handle);
+ (void)(status_of_call);
+ return status;
+}
diff --git a/api-tests/ff/ipc/test_i051/test_i051.h b/api-tests/ff/ipc/test_i051/test_i051.h
new file mode 100644
index 0000000..38cbdd0
--- /dev/null
+++ b/api-tests/ff/ipc/test_i051/test_i051.h
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_I051_CLIENT_TESTS_H_
+#define _TEST_I051_CLIENT_TESTS_H_
+
+#include "val_client_defs.h"
+
+#ifdef NONSECURE_TEST_BUILD
+#define test_entry CONCAT(test_entry_,i051)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+#else
+#define val CONCAT(val,_client_sp)
+#define psa CONCAT(psa,_client_sp)
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i051_client_tests_list[];
+
+int32_t client_test_psa_call_with_invalid_outvec_base(security_t);
+#endif
diff --git a/api-tests/ff/ipc/test_i051/test_supp_i051.c b/api-tests/ff/ipc/test_i051/test_supp_i051.c
new file mode 100644
index 0000000..8acb38a
--- /dev/null
+++ b/api-tests/ff/ipc/test_i051/test_supp_i051.c
@@ -0,0 +1,52 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_call_with_invalid_outvec_base(void);
+
+server_test_t test_i051_server_tests_list[] = {
+ NULL,
+ server_test_psa_call_with_invalid_outvec_base,
+ NULL,
+};
+
+int32_t server_test_psa_call_with_invalid_outvec_base(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+
+ /* Control shouldn't have come here */
+ val_print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
+ psa_reply(msg.handle, -2);
+
+ val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/api-tests/ff/ipc/test_i052/source.mk b/api-tests/ff/ipc/test_i052/source.mk
new file mode 100644
index 0000000..29268c6
--- /dev/null
+++ b/api-tests/ff/ipc/test_i052/source.mk
@@ -0,0 +1,25 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i052.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
+
+CC_SOURCE_SPE = test_i052.c test_supp_i052.c
+CC_OPTIONS_SPE =
+AS_SOURCE_SPE =
+AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i052/test_entry.c b/api-tests/ff/ipc/test_i052/test_entry.c
new file mode 100644
index 0000000..ddbc149
--- /dev/null
+++ b/api-tests/ff/ipc/test_i052/test_entry.c
@@ -0,0 +1,72 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i052.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 52)
+#define TEST_DESC "Testing psa_call with invalid end_addr for psa_invec\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ miscellaneous_desc_t *misc_desc;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i052_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+ status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MISCELLANEOUS,
+ MISCELLANEOUS_DUT, 0),
+ (uint8_t **)&misc_desc,
+ (uint32_t *)sizeof(miscellaneous_desc_t));
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+ if (misc_desc->implemented_psa_firmware_isolation_level > LEVEL1)
+ {
+ /* Switch to secure side (client_partition.c) and execute list of tests available in
+ test[num]_client_tests_list from Secure side */
+ status = val->switch_to_secure_client(TEST_NUM);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/ff/ipc/test_i052/test_i052.c b/api-tests/ff/ipc/test_i052/test_i052.c
new file mode 100644
index 0000000..6b67f7f
--- /dev/null
+++ b/api-tests/ff/ipc/test_i052/test_i052.c
@@ -0,0 +1,133 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val_client_defs.h"
+#include "val_partition_common.h"
+#endif
+
+#include "test_i052.h"
+
+client_test_t test_i052_client_tests_list[] = {
+ NULL,
+ client_test_psa_call_with_invalid_invec_end_addr,
+ NULL,
+};
+
+int32_t client_test_psa_call_with_invalid_invec_end_addr(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call;
+ boot_state_t boot_state;
+ memory_desc_t *memory_desc_driver, *memory_desc;
+ size_t invalid_size;
+ memory_cfg_id_t memory_cfg_id;
+ addr_t *valid_base = NULL;
+
+ val->print(PRINT_TEST,
+ "[Check1] Test psa_call with invalid end_addr for psa_invec\n", 0);
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+
+ if (handle < 0)
+ {
+ val->print(PRINT_ERROR, "\tConnection failed\n", 0);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ /* Selection of invalid size for psa_invec:
+ * if caller == NONSECURE
+ * valid_base = nspe_mmio_region_base;
+ * invalid_size = (driver_mmio_region_base - nspe_mmio_region_base + 1);
+ * else
+ * if (ISOLATION_LEVEL > 1)
+ * valid_base = client_mmio_region_base;
+ * invalid_size = (driver_mmio_region_base - client_mmio_region_base + 1);
+ */
+
+ status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MEMORY,
+ MEMORY_DRIVER_PARTITION_MMIO, 0),
+ (uint8_t **)&memory_desc_driver,
+ (uint32_t *)sizeof(memory_desc_t));
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(101), status))
+ {
+ psa->close(handle);
+ return status;
+ }
+
+ if (caller == NONSECURE)
+ memory_cfg_id = MEMORY_NSPE_MMIO;
+ else
+ memory_cfg_id = MEMORY_CLIENT_PARTITION_MMIO;
+
+ status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MEMORY,
+ memory_cfg_id, 0),
+ (uint8_t **)&memory_desc,
+ (uint32_t *)sizeof(memory_desc_t));
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(102), status))
+ {
+ psa->close(handle);
+ return status;
+ }
+
+ valid_base = (addr_t *) memory_desc->start;
+ invalid_size = (memory_desc_driver->start - memory_desc->start + 1);
+
+ /* Setting boot.state before test check */
+ boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ if (val->set_boot_flag(boot_state))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ psa_invec invec[1] = {{valid_base, invalid_size}};
+
+ /* Test check- psa_call with invalid end_addr for psa_invec */
+ status_of_call = psa->call(handle, invec, 1, NULL, 0);
+
+ /* Expectation is psa_call should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tpsa_call should failed but successed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ psa->close(handle);
+ (void)(status_of_call);
+ return status;
+}
diff --git a/api-tests/ff/ipc/test_i052/test_i052.h b/api-tests/ff/ipc/test_i052/test_i052.h
new file mode 100644
index 0000000..62acbb8
--- /dev/null
+++ b/api-tests/ff/ipc/test_i052/test_i052.h
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_I052_CLIENT_TESTS_H_
+#define _TEST_I052_CLIENT_TESTS_H_
+
+#include "val_client_defs.h"
+
+#ifdef NONSECURE_TEST_BUILD
+#define test_entry CONCAT(test_entry_,i052)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+#else
+#define val CONCAT(val,_client_sp)
+#define psa CONCAT(psa,_client_sp)
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i052_client_tests_list[];
+
+int32_t client_test_psa_call_with_invalid_invec_end_addr(security_t);
+#endif
diff --git a/api-tests/ff/ipc/test_i052/test_supp_i052.c b/api-tests/ff/ipc/test_i052/test_supp_i052.c
new file mode 100644
index 0000000..0eeafce
--- /dev/null
+++ b/api-tests/ff/ipc/test_i052/test_supp_i052.c
@@ -0,0 +1,52 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_call_with_invalid_invec_end_addr(void);
+
+server_test_t test_i052_server_tests_list[] = {
+ NULL,
+ server_test_psa_call_with_invalid_invec_end_addr,
+ NULL,
+};
+
+int32_t server_test_psa_call_with_invalid_invec_end_addr(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+
+ /* Control shouldn't have come here */
+ val_print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
+ psa_reply(msg.handle, -2);
+
+ val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/api-tests/ff/ipc/test_i053/source.mk b/api-tests/ff/ipc/test_i053/source.mk
new file mode 100644
index 0000000..a34d622
--- /dev/null
+++ b/api-tests/ff/ipc/test_i053/source.mk
@@ -0,0 +1,25 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i053.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
+
+CC_SOURCE_SPE = test_i053.c test_supp_i053.c
+CC_OPTIONS_SPE =
+AS_SOURCE_SPE =
+AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i053/test_entry.c b/api-tests/ff/ipc/test_i053/test_entry.c
new file mode 100644
index 0000000..014dfaf
--- /dev/null
+++ b/api-tests/ff/ipc/test_i053/test_entry.c
@@ -0,0 +1,72 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i053.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 53)
+#define TEST_DESC "Testing psa_call with invalid end_addr for psa_outvec\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ miscellaneous_desc_t *misc_desc;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i053_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+ status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MISCELLANEOUS,
+ MISCELLANEOUS_DUT, 0),
+ (uint8_t **)&misc_desc,
+ (uint32_t *)sizeof(miscellaneous_desc_t));
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+ if (misc_desc->implemented_psa_firmware_isolation_level > LEVEL1)
+ {
+ /* Switch to secure side (client_partition.c) and execute list of tests available in
+ test[num]_client_tests_list from Secure side */
+ status = val->switch_to_secure_client(TEST_NUM);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/ff/ipc/test_i053/test_i053.c b/api-tests/ff/ipc/test_i053/test_i053.c
new file mode 100644
index 0000000..9420ba1
--- /dev/null
+++ b/api-tests/ff/ipc/test_i053/test_i053.c
@@ -0,0 +1,133 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val_client_defs.h"
+#include "val_partition_common.h"
+#endif
+
+#include "test_i053.h"
+
+client_test_t test_i053_client_tests_list[] = {
+ NULL,
+ client_test_psa_call_with_invalid_outvec_end_addr,
+ NULL,
+};
+
+int32_t client_test_psa_call_with_invalid_outvec_end_addr(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call;
+ boot_state_t boot_state;
+ memory_desc_t *memory_desc_driver, *memory_desc;
+ size_t invalid_size;
+ memory_cfg_id_t memory_cfg_id;
+ addr_t *valid_base = NULL;
+
+ val->print(PRINT_TEST,
+ "[Check1] Test psa_call with invalid end_addr for psa_outvec\n", 0);
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+
+ if (handle < 0)
+ {
+ val->print(PRINT_ERROR, "\tConnection failed\n", 0);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ /* Selection of invalid size for psa_outvec:
+ * if caller == NONSECURE
+ * valid_base = nspe_mmio_region_base;
+ * invalid_size = (driver_mmio_region_base - nspe_mmio_region_base + 1);
+ * else
+ * if (ISOLATION_LEVEL > 1)
+ * valid_base = client_mmio_region_base;
+ * invalid_size = (driver_mmio_region_base - client_mmio_region_base + 1);
+ */
+
+ status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MEMORY,
+ MEMORY_DRIVER_PARTITION_MMIO, 0),
+ (uint8_t **)&memory_desc_driver,
+ (uint32_t *)sizeof(memory_desc_t));
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(101), status))
+ {
+ psa->close(handle);
+ return status;
+ }
+
+ if (caller == NONSECURE)
+ memory_cfg_id = MEMORY_NSPE_MMIO;
+ else
+ memory_cfg_id = MEMORY_CLIENT_PARTITION_MMIO;
+
+ status = val->target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MEMORY,
+ memory_cfg_id, 0),
+ (uint8_t **)&memory_desc,
+ (uint32_t *)sizeof(memory_desc_t));
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(102), status))
+ {
+ psa->close(handle);
+ return status;
+ }
+
+ valid_base = (addr_t *) memory_desc->start;
+ invalid_size = (memory_desc_driver->start - memory_desc->start + 1);
+
+ /* Setting boot.state before test check */
+ boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ if (val->set_boot_flag(boot_state))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ psa_outvec outvec[1] = {{valid_base, invalid_size}};
+
+ /* Test check- psa_call with invalid end_addr for psa_outvec */
+ status_of_call = psa->call(handle, NULL, 0, outvec, 1);
+
+ /* Expectation is psa_call should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tpsa_call should failed but successed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ psa->close(handle);
+ (void)(status_of_call);
+ return status;
+}
diff --git a/api-tests/ff/ipc/test_i053/test_i053.h b/api-tests/ff/ipc/test_i053/test_i053.h
new file mode 100644
index 0000000..25bfccc
--- /dev/null
+++ b/api-tests/ff/ipc/test_i053/test_i053.h
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_I053_CLIENT_TESTS_H_
+#define _TEST_I053_CLIENT_TESTS_H_
+
+#include "val_client_defs.h"
+
+#ifdef NONSECURE_TEST_BUILD
+#define test_entry CONCAT(test_entry_,i053)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+#else
+#define val CONCAT(val,_client_sp)
+#define psa CONCAT(psa,_client_sp)
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i053_client_tests_list[];
+
+int32_t client_test_psa_call_with_invalid_outvec_end_addr(security_t);
+#endif
diff --git a/api-tests/ff/ipc/test_i053/test_supp_i053.c b/api-tests/ff/ipc/test_i053/test_supp_i053.c
new file mode 100644
index 0000000..c2d853b
--- /dev/null
+++ b/api-tests/ff/ipc/test_i053/test_supp_i053.c
@@ -0,0 +1,52 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_call_with_invalid_outvec_end_addr(void);
+
+server_test_t test_i053_server_tests_list[] = {
+ NULL,
+ server_test_psa_call_with_invalid_outvec_end_addr,
+ NULL,
+};
+
+int32_t server_test_psa_call_with_invalid_outvec_end_addr(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+
+ /* Control shouldn't have come here */
+ val_print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
+ psa_reply(msg.handle, -2);
+
+ val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/api-tests/ff/ipc/test_i054/source.mk b/api-tests/ff/ipc/test_i054/source.mk
new file mode 100644
index 0000000..bad2298
--- /dev/null
+++ b/api-tests/ff/ipc/test_i054/source.mk
@@ -0,0 +1,25 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i054.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
+
+CC_SOURCE_SPE = test_i054.c test_supp_i054.c
+CC_OPTIONS_SPE =
+AS_SOURCE_SPE =
+AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i054/test_entry.c b/api-tests/ff/ipc/test_i054/test_entry.c
new file mode 100644
index 0000000..71e9355
--- /dev/null
+++ b/api-tests/ff/ipc/test_i054/test_entry.c
@@ -0,0 +1,59 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i054.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 54)
+#define TEST_DESC "Testing psa_call with not writable psa_outvec.base\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i054_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+ /* Switch to secure side (client_partition.c) and execute list of tests available in
+ test[num]_client_tests_list from Secure side */
+ status = val->switch_to_secure_client(TEST_NUM);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/ff/ipc/test_i054/test_i054.c b/api-tests/ff/ipc/test_i054/test_i054.c
new file mode 100644
index 0000000..894cb86
--- /dev/null
+++ b/api-tests/ff/ipc/test_i054/test_i054.c
@@ -0,0 +1,91 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val_client_defs.h"
+#include "val_partition_common.h"
+#endif
+
+#include "test_i054.h"
+
+client_test_t test_i054_client_tests_list[] = {
+ NULL,
+ client_test_psa_call_with_not_writable_outvec_base,
+ NULL,
+};
+
+int32_t client_test_psa_call_with_not_writable_outvec_base(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call;
+ boot_state_t boot_state;
+
+ val->print(PRINT_TEST,
+ "[Check1] Test psa_call with not writable psa_outvec.base\n", 0);
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ if (handle < 0)
+ {
+ val->print(PRINT_ERROR, "\tConnection failed\n", 0);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ /* Setting boot.state before test check */
+ boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ if (val->set_boot_flag(boot_state))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Using function address (code) as not writable address */
+ psa_outvec outvec[1] = {{&client_test_psa_call_with_not_writable_outvec_base, sizeof(char)}};
+
+ /* Test check- psa_call with not writable psa_outvec.base */
+ status_of_call = psa->call(handle, NULL, 0, outvec, 0);
+
+ /* Expectation is psa_call should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tpsa_call should failed but successed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ psa->close(handle);
+ (void)(status_of_call);
+ return status;
+}
diff --git a/api-tests/ff/ipc/test_i054/test_i054.h b/api-tests/ff/ipc/test_i054/test_i054.h
new file mode 100644
index 0000000..a86d56a
--- /dev/null
+++ b/api-tests/ff/ipc/test_i054/test_i054.h
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_I054_CLIENT_TESTS_H_
+#define _TEST_I054_CLIENT_TESTS_H_
+
+#include "val_client_defs.h"
+
+#ifdef NONSECURE_TEST_BUILD
+#define test_entry CONCAT(test_entry_,i054)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+#else
+#define val CONCAT(val,_client_sp)
+#define psa CONCAT(psa,_client_sp)
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i054_client_tests_list[];
+
+int32_t client_test_psa_call_with_not_writable_outvec_base(security_t);
+#endif
diff --git a/api-tests/ff/ipc/test_i054/test_supp_i054.c b/api-tests/ff/ipc/test_i054/test_supp_i054.c
new file mode 100644
index 0000000..bdaae57
--- /dev/null
+++ b/api-tests/ff/ipc/test_i054/test_supp_i054.c
@@ -0,0 +1,52 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_call_with_not_writable_outvec_base(void);
+
+server_test_t test_i054_server_tests_list[] = {
+ NULL,
+ server_test_psa_call_with_not_writable_outvec_base,
+ NULL,
+};
+
+int32_t server_test_psa_call_with_not_writable_outvec_base(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+
+ /* Control shouldn't have come here */
+ val_print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
+ psa_reply(msg.handle, -2);
+
+ val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/api-tests/ff/ipc/test_i055/source.mk b/api-tests/ff/ipc/test_i055/source.mk
new file mode 100644
index 0000000..742d2ce
--- /dev/null
+++ b/api-tests/ff/ipc/test_i055/source.mk
@@ -0,0 +1,25 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i055.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
+
+CC_SOURCE_SPE = test_i055.c test_supp_i055.c
+CC_OPTIONS_SPE =
+AS_SOURCE_SPE =
+AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i055/test_entry.c b/api-tests/ff/ipc/test_i055/test_entry.c
new file mode 100644
index 0000000..3ac22a0
--- /dev/null
+++ b/api-tests/ff/ipc/test_i055/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i055.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 55)
+#define TEST_DESC "Testing psa_read with invalid buffer addr\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i055_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/ff/ipc/test_i055/test_i055.c b/api-tests/ff/ipc/test_i055/test_i055.c
new file mode 100644
index 0000000..29616aa
--- /dev/null
+++ b/api-tests/ff/ipc/test_i055/test_i055.c
@@ -0,0 +1,62 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val_client_defs.h"
+#include "val_partition_common.h"
+#endif
+
+#include "test_i055.h"
+
+client_test_t test_i055_client_tests_list[] = {
+ NULL,
+ client_test_psa_read_with_invalid_buffer_addr,
+ NULL,
+};
+
+int32_t client_test_psa_read_with_invalid_buffer_addr(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ uint8_t data = 0x11;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call;
+
+ val->print(PRINT_TEST,
+ "[Check1] Test psa_read with invalid buffer addr\n", 0);
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ if (handle < 0)
+ {
+ val->print(PRINT_ERROR, "\tConnection failed\n", 0);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ psa_invec invec[1] = {{&data, sizeof(data)}};
+ status_of_call = psa->call(handle, invec, 1, NULL, 0);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but successed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ psa->close(handle);
+ (void)(status_of_call);
+ return status;
+}
diff --git a/api-tests/ff/ipc/test_i055/test_i055.h b/api-tests/ff/ipc/test_i055/test_i055.h
new file mode 100644
index 0000000..5d63951
--- /dev/null
+++ b/api-tests/ff/ipc/test_i055/test_i055.h
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_I055_CLIENT_TESTS_H_
+#define _TEST_I055_CLIENT_TESTS_H_
+
+#include "val_client_defs.h"
+
+#ifdef NONSECURE_TEST_BUILD
+#define test_entry CONCAT(test_entry_,i055)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+#else
+#define val CONCAT(val,_client_sp)
+#define psa CONCAT(psa,_client_sp)
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i055_client_tests_list[];
+
+int32_t client_test_psa_read_with_invalid_buffer_addr(security_t);
+#endif
diff --git a/api-tests/ff/ipc/test_i055/test_supp_i055.c b/api-tests/ff/ipc/test_i055/test_supp_i055.c
new file mode 100644
index 0000000..7cc450e
--- /dev/null
+++ b/api-tests/ff/ipc/test_i055/test_supp_i055.c
@@ -0,0 +1,132 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_read_with_invalid_buffer_addr(void);
+
+server_test_t test_i055_server_tests_list[] = {
+ NULL,
+ server_test_psa_read_with_invalid_buffer_addr,
+ NULL,
+};
+
+int32_t server_test_psa_read_with_invalid_buffer_addr(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ void *buffer = NULL;
+ miscellaneous_desc_t *misc_desc;
+ memory_desc_t *memory_desc;
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+
+ /* Selection of invalid buffer addr:
+ * if (ISOLATION_LEVEL > 1)
+ * buffer = driver_mmio_region_base;
+ * else
+ * buffer = NULL;
+ */
+
+ status = val_target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MISCELLANEOUS,
+ MISCELLANEOUS_DUT, 0),
+ (uint8_t **)&misc_desc,
+ (uint32_t *)sizeof(miscellaneous_desc_t));
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ if (misc_desc->implemented_psa_firmware_isolation_level > LEVEL1)
+ {
+ status = val_target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MEMORY,
+ MEMORY_DRIVER_PARTITION_MMIO, 0),
+ (uint8_t **)&memory_desc,
+ (uint32_t *)sizeof(memory_desc_t));
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ buffer = (void *) memory_desc->start;
+ }
+
+ /* Accept the connection */
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ /* Server psa_call */
+ status = val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(204), status))
+ {
+ psa_reply(msg.handle, -2);
+ }
+ else
+ {
+ /* Setting boot.state before test check */
+ status = val_set_boot_flag(BOOT_EXPECTED_NS);
+ if(val_err_check_set(TEST_CHECKPOINT_NUM(205), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa_reply(msg.handle, -3);
+ }
+ else
+ {
+ /* Test check- psa_read with invalid buffer addr */
+ psa_read(msg.handle, 0, (void *)buffer, msg.in_size[0]);
+
+ /* shouldn't have reached here */
+ val_print(PRINT_ERROR,
+ "\tpsa_read with invalid buffer should failed but successed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ psa_reply(msg.handle, -4);
+ }
+ }
+
+ val_err_check_set(TEST_CHECKPOINT_NUM(206), status);
+ status = ((val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ ? VAL_STATUS_ERROR : status);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return status;
+}
diff --git a/api-tests/ff/ipc/test_i056/source.mk b/api-tests/ff/ipc/test_i056/source.mk
new file mode 100644
index 0000000..1e4739d
--- /dev/null
+++ b/api-tests/ff/ipc/test_i056/source.mk
@@ -0,0 +1,25 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i056.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
+
+CC_SOURCE_SPE = test_i056.c test_supp_i056.c
+CC_OPTIONS_SPE =
+AS_SOURCE_SPE =
+AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i056/test_entry.c b/api-tests/ff/ipc/test_i056/test_entry.c
new file mode 100644
index 0000000..656ed19
--- /dev/null
+++ b/api-tests/ff/ipc/test_i056/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i056.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 56)
+#define TEST_DESC "Testing psa_read with not writable buffer addr\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i056_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/ff/ipc/test_i056/test_i056.c b/api-tests/ff/ipc/test_i056/test_i056.c
new file mode 100644
index 0000000..bd5a7c5
--- /dev/null
+++ b/api-tests/ff/ipc/test_i056/test_i056.c
@@ -0,0 +1,62 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val_client_defs.h"
+#include "val_partition_common.h"
+#endif
+
+#include "test_i056.h"
+
+client_test_t test_i056_client_tests_list[] = {
+ NULL,
+ client_test_psa_read_with_not_writable_buffer_addr,
+ NULL,
+};
+
+int32_t client_test_psa_read_with_not_writable_buffer_addr(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ uint8_t data = 0x11;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call;
+
+ val->print(PRINT_TEST,
+ "[Check1] Test psa_read with invalid buffer addr\n", 0);
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ if (handle < 0)
+ {
+ val->print(PRINT_ERROR, "\tConnection failed\n", 0);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ psa_invec invec[1] = {{&data, sizeof(data)}};
+ status_of_call = psa->call(handle, invec, 1, NULL, 0);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but successed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ psa->close(handle);
+ (void)(status_of_call);
+ return status;
+}
diff --git a/api-tests/ff/ipc/test_i056/test_i056.h b/api-tests/ff/ipc/test_i056/test_i056.h
new file mode 100644
index 0000000..0cf6edc
--- /dev/null
+++ b/api-tests/ff/ipc/test_i056/test_i056.h
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_I056_CLIENT_TESTS_H_
+#define _TEST_I056_CLIENT_TESTS_H_
+
+#include "val_client_defs.h"
+
+#ifdef NONSECURE_TEST_BUILD
+#define test_entry CONCAT(test_entry_,i056)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+#else
+#define val CONCAT(val,_client_sp)
+#define psa CONCAT(psa,_client_sp)
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i056_client_tests_list[];
+
+int32_t client_test_psa_read_with_not_writable_buffer_addr(security_t);
+#endif
diff --git a/api-tests/ff/ipc/test_i056/test_supp_i056.c b/api-tests/ff/ipc/test_i056/test_supp_i056.c
new file mode 100644
index 0000000..9a47e3b
--- /dev/null
+++ b/api-tests/ff/ipc/test_i056/test_supp_i056.c
@@ -0,0 +1,101 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_read_with_not_writable_buffer_addr(void);
+
+server_test_t test_i056_server_tests_list[] = {
+ NULL,
+ server_test_psa_read_with_not_writable_buffer_addr,
+ NULL,
+};
+
+int32_t server_test_psa_read_with_not_writable_buffer_addr(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ void *buffer = NULL;
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ /* Accept the connection */
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ /* Set buffer to point to not writable location (Code memory) */
+ buffer = (void *) &server_test_psa_read_with_not_writable_buffer_addr;
+
+ /* Server psa_call */
+ status = val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa_reply(msg.handle, -2);
+ }
+ else
+ {
+ /* Setting boot.state before test check */
+ status = val_set_boot_flag(BOOT_EXPECTED_NS);
+ if(val_err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa_reply(msg.handle, -3);
+ }
+ else
+ {
+
+ /* Test check- psa_read with not writable buffer addr */
+ psa_read(msg.handle, 0, (void *)buffer, msg.in_size[0]);
+
+ /* shouldn't have reached here */
+ val_print(PRINT_ERROR,
+ "\tpsa_read with not writable buffer should failed but successed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ psa_reply(msg.handle, -4);
+ }
+ }
+
+ val_err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ status = ((val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ ? VAL_STATUS_ERROR : status);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return status;
+}
diff --git a/api-tests/ff/ipc/test_i057/source.mk b/api-tests/ff/ipc/test_i057/source.mk
new file mode 100644
index 0000000..f9f2e1b
--- /dev/null
+++ b/api-tests/ff/ipc/test_i057/source.mk
@@ -0,0 +1,25 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i057.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
+
+CC_SOURCE_SPE = test_i057.c test_supp_i057.c
+CC_OPTIONS_SPE =
+AS_SOURCE_SPE =
+AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i057/test_entry.c b/api-tests/ff/ipc/test_i057/test_entry.c
new file mode 100644
index 0000000..4131bfc
--- /dev/null
+++ b/api-tests/ff/ipc/test_i057/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i057.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 57)
+#define TEST_DESC "Testing psa_write with invalid buffer addr\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i057_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/ff/ipc/test_i057/test_i057.c b/api-tests/ff/ipc/test_i057/test_i057.c
new file mode 100644
index 0000000..5aef674
--- /dev/null
+++ b/api-tests/ff/ipc/test_i057/test_i057.c
@@ -0,0 +1,62 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val_client_defs.h"
+#include "val_partition_common.h"
+#endif
+
+#include "test_i057.h"
+
+client_test_t test_i057_client_tests_list[] = {
+ NULL,
+ client_test_psa_write_with_invalid_buffer_addr,
+ NULL,
+};
+
+int32_t client_test_psa_write_with_invalid_buffer_addr(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ uint8_t data = 0x11;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call;
+
+ val->print(PRINT_TEST,
+ "[Check1] Test psa_write with invalid buffer addr\n", 0);
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ if (handle < 0)
+ {
+ val->print(PRINT_ERROR, "\tConnection failed\n", 0);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ psa_outvec outvec[1] = {{&data, sizeof(data)}};
+ status_of_call = psa->call(handle, NULL, 0, outvec, 1);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but successed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ psa->close(handle);
+ (void)(status_of_call);
+ return status;
+}
diff --git a/api-tests/ff/ipc/test_i057/test_i057.h b/api-tests/ff/ipc/test_i057/test_i057.h
new file mode 100644
index 0000000..8aba95e
--- /dev/null
+++ b/api-tests/ff/ipc/test_i057/test_i057.h
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_I057_CLIENT_TESTS_H_
+#define _TEST_I057_CLIENT_TESTS_H_
+
+#include "val_client_defs.h"
+
+#ifdef NONSECURE_TEST_BUILD
+#define test_entry CONCAT(test_entry_,i057)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+#else
+#define val CONCAT(val,_client_sp)
+#define psa CONCAT(psa,_client_sp)
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i057_client_tests_list[];
+
+int32_t client_test_psa_write_with_invalid_buffer_addr(security_t);
+#endif
diff --git a/api-tests/ff/ipc/test_i057/test_supp_i057.c b/api-tests/ff/ipc/test_i057/test_supp_i057.c
new file mode 100644
index 0000000..54d6dad
--- /dev/null
+++ b/api-tests/ff/ipc/test_i057/test_supp_i057.c
@@ -0,0 +1,132 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_write_with_invalid_buffer_addr(void);
+
+server_test_t test_i057_server_tests_list[] = {
+ NULL,
+ server_test_psa_write_with_invalid_buffer_addr,
+ NULL,
+};
+
+int32_t server_test_psa_write_with_invalid_buffer_addr(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ void *buffer = NULL;
+ miscellaneous_desc_t *misc_desc;
+ memory_desc_t *memory_desc;
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+
+ /* Selection of invalid buffer addr:
+ * if (ISOLATION_LEVEL > 1)
+ * buffer = driver_mmio_region_base;
+ * else
+ * buffer = NULL;
+ */
+
+ status = val_target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MISCELLANEOUS,
+ MISCELLANEOUS_DUT, 0),
+ (uint8_t **)&misc_desc,
+ (uint32_t *)sizeof(miscellaneous_desc_t));
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ if (misc_desc->implemented_psa_firmware_isolation_level > LEVEL1)
+ {
+ status = val_target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MEMORY,
+ MEMORY_DRIVER_PARTITION_MMIO, 0),
+ (uint8_t **)&memory_desc,
+ (uint32_t *)sizeof(memory_desc_t));
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ buffer = (void *) memory_desc->start;
+ }
+
+ /* Accept the connection */
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ /* Server psa_call */
+ status = val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(204), status))
+ {
+ psa_reply(msg.handle, -2);
+ }
+ else
+ {
+ /* Setting boot.state before test check */
+ status = val_set_boot_flag(BOOT_EXPECTED_NS);
+ if(val_err_check_set(TEST_CHECKPOINT_NUM(205), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa_reply(msg.handle, -3);
+ }
+ else
+ {
+ /* Test check- psa_write with invalid buffer addr */
+ psa_write(msg.handle, 0, (void *)buffer, msg.in_size[0]);
+
+ /* shouldn't have reached here */
+ val_print(PRINT_ERROR,
+ "\tpsa_write with invalid buffer should failed but successed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ psa_reply(msg.handle, -4);
+ }
+ }
+
+ val_err_check_set(TEST_CHECKPOINT_NUM(206), status);
+ status = ((val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ ? VAL_STATUS_ERROR : status);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return status;
+}
diff --git a/api-tests/ff/ipc/test_i058/source.mk b/api-tests/ff/ipc/test_i058/source.mk
new file mode 100644
index 0000000..38cbf72
--- /dev/null
+++ b/api-tests/ff/ipc/test_i058/source.mk
@@ -0,0 +1,25 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i058.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
+
+CC_SOURCE_SPE = test_i058.c test_supp_i058.c
+CC_OPTIONS_SPE =
+AS_SOURCE_SPE =
+AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i058/test_entry.c b/api-tests/ff/ipc/test_i058/test_entry.c
new file mode 100644
index 0000000..e36b5b9
--- /dev/null
+++ b/api-tests/ff/ipc/test_i058/test_entry.c
@@ -0,0 +1,52 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i058.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 58)
+#define TEST_DESC "Testing PSA_DOORBELL signal\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Switch to secure side (client_partition.c) and execute list of tests available in
+ test[num]_client_tests_list from Secure side */
+ status = val->switch_to_secure_client(TEST_NUM);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/ff/ipc/test_i058/test_i058.c b/api-tests/ff/ipc/test_i058/test_i058.c
new file mode 100644
index 0000000..49e2a92
--- /dev/null
+++ b/api-tests/ff/ipc/test_i058/test_i058.c
@@ -0,0 +1,89 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val_client_defs.h"
+#include "val_partition_common.h"
+#endif
+
+#include "test_i058.h"
+
+client_test_t test_i058_client_tests_list[] = {
+ NULL,
+ client_test_psa_doorbell_signal,
+ NULL,
+};
+
+int32_t client_test_psa_doorbell_signal(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+#ifndef NONSECURE_TEST_BUILD
+ psa_signal_t signals = 0;
+#endif
+
+ val->print(PRINT_TEST,
+ "[Check1] Test PSA_DOORBELL signal\n", 0);
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ if (handle < 0)
+ {
+ val->print(PRINT_ERROR, "\tConnection failed\n", 0);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+#ifndef NONSECURE_TEST_BUILD
+ /* Wait for doorball notification */
+ signals = psa_wait(PSA_DOORBELL, PSA_BLOCK);
+
+ /* Is this doorbell signal? */
+ if ((signals & PSA_DOORBELL) == 0)
+ {
+ status = VAL_STATUS_INVALID_HANDLE;
+ val->print(PRINT_ERROR, "\tpsa_wait didn't receive doorbell signal\n", 0);
+ }
+
+ /* Wait for doorball notification again to check -
+ * Doorbell should remain asserted until psa_clear is called.
+ */
+ signals = psa_wait(PSA_DOORBELL, PSA_BLOCK);
+
+ /* Is this doorbell signal? */
+ if ((signals & PSA_DOORBELL) == 0)
+ {
+ status = VAL_STATUS_INVALID_HANDLE;
+ val->print(PRINT_ERROR, "\tDoorbell signal cleared without calling psa_clear\n", 0);
+ }
+
+ /* Clear the doorbell signal */
+ psa_clear();
+
+ /* Is doorbell singal cleared? */
+ signals = psa_wait(PSA_DOORBELL, PSA_POLL);
+ if ((signals & PSA_DOORBELL) != 0)
+ {
+ status = VAL_STATUS_INVALID_HANDLE;
+ val->print(PRINT_ERROR, "\tpsa_clear didn't clear doorbell signal\n", 0);
+ }
+#endif
+
+ psa->close(handle);
+ return status;
+}
diff --git a/api-tests/ff/ipc/test_i058/test_i058.h b/api-tests/ff/ipc/test_i058/test_i058.h
new file mode 100644
index 0000000..50ba73b
--- /dev/null
+++ b/api-tests/ff/ipc/test_i058/test_i058.h
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_I058_CLIENT_TESTS_H_
+#define _TEST_I058_CLIENT_TESTS_H_
+
+#include "val_client_defs.h"
+
+#ifdef NONSECURE_TEST_BUILD
+#define test_entry CONCAT(test_entry_,i058)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+#else
+#define val CONCAT(val,_client_sp)
+#define psa CONCAT(psa,_client_sp)
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i058_client_tests_list[];
+
+int32_t client_test_psa_doorbell_signal(security_t);
+#endif
diff --git a/api-tests/ff/ipc/test_i058/test_supp_i058.c b/api-tests/ff/ipc/test_i058/test_supp_i058.c
new file mode 100644
index 0000000..e3ed3b9
--- /dev/null
+++ b/api-tests/ff/ipc/test_i058/test_supp_i058.c
@@ -0,0 +1,63 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_doorbell_signal(void);
+
+server_test_t test_i058_server_tests_list[] = {
+ NULL,
+ server_test_psa_doorbell_signal,
+ NULL,
+};
+
+int32_t server_test_psa_doorbell_signal(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ /* Serve psa_connect */
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ /* Accept the connection */
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ if (msg.client_id > 0)
+ {
+ /* Doorbell signal to client partititon */
+ psa_notify(msg.client_id);
+ }
+ else
+ {
+ status = VAL_STATUS_SPM_FAILED;
+ val_print(PRINT_ERROR, "Caller is from non-secure\n", 0);
+ }
+
+ /* Serve psa_close */
+ status = ((val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ ? VAL_STATUS_ERROR : status);
+ val_err_check_set(TEST_CHECKPOINT_NUM(202), status);
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ return status;
+}
diff --git a/api-tests/ff/ipc/test_i059/source.mk b/api-tests/ff/ipc/test_i059/source.mk
new file mode 100644
index 0000000..b649fa8
--- /dev/null
+++ b/api-tests/ff/ipc/test_i059/source.mk
@@ -0,0 +1,25 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i059.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
+
+CC_SOURCE_SPE = test_i059.c test_supp_i059.c
+CC_OPTIONS_SPE =
+AS_SOURCE_SPE =
+AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i059/test_entry.c b/api-tests/ff/ipc/test_i059/test_entry.c
new file mode 100644
index 0000000..a782f96
--- /dev/null
+++ b/api-tests/ff/ipc/test_i059/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i059.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 59)
+#define TEST_DESC "Testing psa_notify with neg partition id\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i059_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/ff/ipc/test_i059/test_i059.c b/api-tests/ff/ipc/test_i059/test_i059.c
new file mode 100644
index 0000000..6ebebf9
--- /dev/null
+++ b/api-tests/ff/ipc/test_i059/test_i059.c
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val_client_defs.h"
+#include "val_partition_common.h"
+#endif
+
+#include "test_i059.h"
+
+client_test_t test_i059_client_tests_list[] = {
+ NULL,
+ client_test_psa_notify_with_neg_part_id,
+ NULL,
+};
+
+int32_t client_test_psa_notify_with_neg_part_id(security_t caller)
+{
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/ff/ipc/test_i059/test_i059.h b/api-tests/ff/ipc/test_i059/test_i059.h
new file mode 100644
index 0000000..fd306c1
--- /dev/null
+++ b/api-tests/ff/ipc/test_i059/test_i059.h
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_I059_CLIENT_TESTS_H_
+#define _TEST_I059_CLIENT_TESTS_H_
+
+#include "val_client_defs.h"
+
+#ifdef NONSECURE_TEST_BUILD
+#define test_entry CONCAT(test_entry_,i059)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+#else
+#define val CONCAT(val,_client_sp)
+#define psa CONCAT(psa,_client_sp)
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i059_client_tests_list[];
+
+int32_t client_test_psa_notify_with_neg_part_id(security_t);
+#endif
diff --git a/api-tests/ff/ipc/test_i059/test_supp_i059.c b/api-tests/ff/ipc/test_i059/test_supp_i059.c
new file mode 100644
index 0000000..94d629d
--- /dev/null
+++ b/api-tests/ff/ipc/test_i059/test_supp_i059.c
@@ -0,0 +1,69 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+#define NEG_PART_ID -10
+
+int32_t server_test_psa_notify_with_neg_part_id(void);
+
+server_test_t test_i059_server_tests_list[] = {
+ NULL,
+ server_test_psa_notify_with_neg_part_id,
+ NULL,
+};
+
+int32_t server_test_psa_notify_with_neg_part_id(void)
+{
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ val_print(PRINT_TEST, "[Check1] Test psa_notify with neg partition id\n", 0);
+
+ /* Setting boot.state before test check */
+ if (val_set_boot_flag(BOOT_EXPECTED_NS))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* psa_notify_with_neg_part_id */
+ psa_notify(NEG_PART_ID);
+
+ /* shouldn't have reached here */
+ val_print(PRINT_ERROR, "\tpsa_notify(-ve_part_ip) check failed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/api-tests/ff/ipc/test_i060/source.mk b/api-tests/ff/ipc/test_i060/source.mk
new file mode 100644
index 0000000..2b3e185
--- /dev/null
+++ b/api-tests/ff/ipc/test_i060/source.mk
@@ -0,0 +1,25 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i060.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
+
+CC_SOURCE_SPE = test_i060.c test_supp_i060.c
+CC_OPTIONS_SPE =
+AS_SOURCE_SPE =
+AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i060/test_entry.c b/api-tests/ff/ipc/test_i060/test_entry.c
new file mode 100644
index 0000000..4a24416
--- /dev/null
+++ b/api-tests/ff/ipc/test_i060/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i060.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 60)
+#define TEST_DESC "Testing psa_notify with invalid positive part-id\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i060_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/ff/ipc/test_i060/test_i060.c b/api-tests/ff/ipc/test_i060/test_i060.c
new file mode 100644
index 0000000..3c69b4c
--- /dev/null
+++ b/api-tests/ff/ipc/test_i060/test_i060.c
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val_client_defs.h"
+#include "val_partition_common.h"
+#endif
+
+#include "test_i060.h"
+
+client_test_t test_i060_client_tests_list[] = {
+ NULL,
+ client_test_psa_notify_with_invalid_pos_part_id,
+ NULL,
+};
+
+int32_t client_test_psa_notify_with_invalid_pos_part_id(security_t caller)
+{
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/ff/ipc/test_i060/test_i060.h b/api-tests/ff/ipc/test_i060/test_i060.h
new file mode 100644
index 0000000..88d1b1b
--- /dev/null
+++ b/api-tests/ff/ipc/test_i060/test_i060.h
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_I060_CLIENT_TESTS_H_
+#define _TEST_I060_CLIENT_TESTS_H_
+
+#include "val_client_defs.h"
+
+#ifdef NONSECURE_TEST_BUILD
+#define test_entry CONCAT(test_entry_,i060)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+#else
+#define val CONCAT(val,_client_sp)
+#define psa CONCAT(psa,_client_sp)
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i060_client_tests_list[];
+
+int32_t client_test_psa_notify_with_invalid_pos_part_id(security_t);
+#endif
diff --git a/api-tests/ff/ipc/test_i060/test_supp_i060.c b/api-tests/ff/ipc/test_i060/test_supp_i060.c
new file mode 100644
index 0000000..9ce7886
--- /dev/null
+++ b/api-tests/ff/ipc/test_i060/test_supp_i060.c
@@ -0,0 +1,69 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+#define INVALID_POSITIVE_PART_ID 200
+
+int32_t server_test_psa_notify_with_invalid_pos_part_id(void);
+
+server_test_t test_i060_server_tests_list[] = {
+ NULL,
+ server_test_psa_notify_with_invalid_pos_part_id,
+ NULL,
+};
+
+int32_t server_test_psa_notify_with_invalid_pos_part_id(void)
+{
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ val_print(PRINT_TEST, "[Check1] Test psa_notify with invalid positive part-id\n", 0);
+
+ /* Setting boot.state before test check */
+ if (val_set_boot_flag(BOOT_EXPECTED_NS))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* psa_notify_with_invalid_pos_part_id */
+ psa_notify(INVALID_POSITIVE_PART_ID);
+
+ /* shouldn't have reached here */
+ val_print(PRINT_ERROR, "\tpsa_notify(invalid_+ve__part_ip) check failed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/api-tests/ff/ipc/test_i061/source.mk b/api-tests/ff/ipc/test_i061/source.mk
new file mode 100644
index 0000000..f5e49fc
--- /dev/null
+++ b/api-tests/ff/ipc/test_i061/source.mk
@@ -0,0 +1,25 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i061.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
+
+CC_SOURCE_SPE = test_i061.c test_supp_i061.c
+CC_OPTIONS_SPE =
+AS_SOURCE_SPE =
+AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i061/test_entry.c b/api-tests/ff/ipc/test_i061/test_entry.c
new file mode 100644
index 0000000..6abf8fe
--- /dev/null
+++ b/api-tests/ff/ipc/test_i061/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i061.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 61)
+#define TEST_DESC "Testing psa_clear at unasserted doorbell sig\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i061_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/ff/ipc/test_i061/test_i061.c b/api-tests/ff/ipc/test_i061/test_i061.c
new file mode 100644
index 0000000..1f9cd4e
--- /dev/null
+++ b/api-tests/ff/ipc/test_i061/test_i061.c
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val_client_defs.h"
+#include "val_partition_common.h"
+#endif
+
+#include "test_i061.h"
+
+client_test_t test_i061_client_tests_list[] = {
+ NULL,
+ client_test_psa_clear_at_unasserted_doorbell_sig,
+ NULL,
+};
+
+int32_t client_test_psa_clear_at_unasserted_doorbell_sig(security_t caller)
+{
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/ff/ipc/test_i061/test_i061.h b/api-tests/ff/ipc/test_i061/test_i061.h
new file mode 100644
index 0000000..d7e50a6
--- /dev/null
+++ b/api-tests/ff/ipc/test_i061/test_i061.h
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_I061_CLIENT_TESTS_H_
+#define _TEST_I061_CLIENT_TESTS_H_
+
+#include "val_client_defs.h"
+
+#ifdef NONSECURE_TEST_BUILD
+#define test_entry CONCAT(test_entry_,i061)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+#else
+#define val CONCAT(val,_client_sp)
+#define psa CONCAT(psa,_client_sp)
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i061_client_tests_list[];
+
+int32_t client_test_psa_clear_at_unasserted_doorbell_sig(security_t);
+#endif
diff --git a/api-tests/ff/ipc/test_i061/test_supp_i061.c b/api-tests/ff/ipc/test_i061/test_supp_i061.c
new file mode 100644
index 0000000..720903f
--- /dev/null
+++ b/api-tests/ff/ipc/test_i061/test_supp_i061.c
@@ -0,0 +1,67 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_clear_at_unasserted_doorbell_sig(void);
+
+server_test_t test_i061_server_tests_list[] = {
+ NULL,
+ server_test_psa_clear_at_unasserted_doorbell_sig,
+ NULL,
+};
+
+int32_t server_test_psa_clear_at_unasserted_doorbell_sig(void)
+{
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ val_print(PRINT_TEST, "[Check1] Test psa_clear at unasserted doorbell sig\n", 0);
+
+ /* Setting boot.state before test check */
+ if (val_set_boot_flag(BOOT_EXPECTED_NS))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* psa_clear when unasserted doorbell sig */
+ psa_clear();
+
+ /* shouldn't have reached here */
+ val_print(PRINT_ERROR, "\tpsa_clear() check failed for unasserted doorbel signal\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/api-tests/ff/ipc/test_i062/source.mk b/api-tests/ff/ipc/test_i062/source.mk
new file mode 100644
index 0000000..4dcf5d3
--- /dev/null
+++ b/api-tests/ff/ipc/test_i062/source.mk
@@ -0,0 +1,25 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i062.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
+
+CC_SOURCE_SPE = test_i062.c test_supp_i062.c
+CC_OPTIONS_SPE =
+AS_SOURCE_SPE =
+AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i062/test_entry.c b/api-tests/ff/ipc/test_i062/test_entry.c
new file mode 100644
index 0000000..4fa67ce
--- /dev/null
+++ b/api-tests/ff/ipc/test_i062/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i062.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 62)
+#define TEST_DESC "Testing psa_wait with unassigned signal\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i062_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/ff/ipc/test_i062/test_i062.c b/api-tests/ff/ipc/test_i062/test_i062.c
new file mode 100644
index 0000000..fb28fe1
--- /dev/null
+++ b/api-tests/ff/ipc/test_i062/test_i062.c
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val_client_defs.h"
+#include "val_partition_common.h"
+#endif
+
+#include "test_i062.h"
+
+client_test_t test_i062_client_tests_list[] = {
+ NULL,
+ client_test_psa_wait_with_unassigned_signal,
+ NULL,
+};
+
+int32_t client_test_psa_wait_with_unassigned_signal(security_t caller)
+{
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/ff/ipc/test_i062/test_i062.h b/api-tests/ff/ipc/test_i062/test_i062.h
new file mode 100644
index 0000000..fdceda8
--- /dev/null
+++ b/api-tests/ff/ipc/test_i062/test_i062.h
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_I062_CLIENT_TESTS_H_
+#define _TEST_I062_CLIENT_TESTS_H_
+
+#include "val_client_defs.h"
+
+#ifdef NONSECURE_TEST_BUILD
+#define test_entry CONCAT(test_entry_,i062)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+#else
+#define val CONCAT(val,_client_sp)
+#define psa CONCAT(psa,_client_sp)
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i062_client_tests_list[];
+
+int32_t client_test_psa_wait_with_unassigned_signal(security_t);
+#endif
diff --git a/api-tests/ff/ipc/test_i062/test_supp_i062.c b/api-tests/ff/ipc/test_i062/test_supp_i062.c
new file mode 100644
index 0000000..8029c0a
--- /dev/null
+++ b/api-tests/ff/ipc/test_i062/test_supp_i062.c
@@ -0,0 +1,70 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+/* signal bit-31 should be unassigned to server partition */
+#define INVALID_SIGNAL_MASK 0x80000000
+
+int32_t server_test_psa_wait_with_unassigned_signal(void);
+
+server_test_t test_i062_server_tests_list[] = {
+ NULL,
+ server_test_psa_wait_with_unassigned_signal,
+ NULL,
+};
+
+int32_t server_test_psa_wait_with_unassigned_signal(void)
+{
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ val_print(PRINT_TEST, "[Check1] Test psa_wait with unassigned signal\n", 0);
+
+ /* Setting boot.state before test check */
+ if (val_set_boot_flag(BOOT_EXPECTED_NS))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* psa_wait with signal mask that doesn't include any assigned signal*/
+ psa_wait(INVALID_SIGNAL_MASK, PSA_POLL);
+
+ /* shouldn't have reached here */
+ val_print(PRINT_ERROR, "\tpsa_wait() check failed for unassigned signal\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/api-tests/ff/ipc/test_i063/source.mk b/api-tests/ff/ipc/test_i063/source.mk
new file mode 100644
index 0000000..29f0e49
--- /dev/null
+++ b/api-tests/ff/ipc/test_i063/source.mk
@@ -0,0 +1,25 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i063.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
+
+CC_SOURCE_SPE = test_i063.c test_supp_i063.c
+CC_OPTIONS_SPE =
+AS_SOURCE_SPE =
+AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i063/test_entry.c b/api-tests/ff/ipc/test_i063/test_entry.c
new file mode 100644
index 0000000..ab0ac32
--- /dev/null
+++ b/api-tests/ff/ipc/test_i063/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i063.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 63)
+#define TEST_DESC "Testing psa_wait signal mask\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_MEDIUM_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i063_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/ff/ipc/test_i063/test_i063.c b/api-tests/ff/ipc/test_i063/test_i063.c
new file mode 100644
index 0000000..be8d79e
--- /dev/null
+++ b/api-tests/ff/ipc/test_i063/test_i063.c
@@ -0,0 +1,57 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val_client_defs.h"
+#include "val_partition_common.h"
+#endif
+
+#include "test_i063.h"
+
+client_test_t test_i063_client_tests_list[] = {
+ NULL,
+ client_test_psa_wait_signal_mask,
+ NULL,
+};
+
+int32_t client_test_psa_wait_signal_mask(security_t caller)
+{
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check1] Test psa_wait signal mask\n", 0);
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+
+ if (handle != PSA_CONNECTION_REFUSED)
+ {
+ val->print(PRINT_ERROR, "psa_connect failed -1\n", 0);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ handle = psa->connect(SERVER_RELAX_MINOR_VERSION_SID, 1);
+
+ if (handle != PSA_CONNECTION_REFUSED)
+ {
+ val->print(PRINT_ERROR, "psa_connect failed -2\n", 0);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/ff/ipc/test_i063/test_i063.h b/api-tests/ff/ipc/test_i063/test_i063.h
new file mode 100644
index 0000000..2afe682
--- /dev/null
+++ b/api-tests/ff/ipc/test_i063/test_i063.h
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_I063_CLIENT_TESTS_H_
+#define _TEST_I063_CLIENT_TESTS_H_
+
+#include "val_client_defs.h"
+
+#ifdef NONSECURE_TEST_BUILD
+#define test_entry CONCAT(test_entry_,i063)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+#else
+#define val CONCAT(val,_client_sp)
+#define psa CONCAT(psa,_client_sp)
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i063_client_tests_list[];
+
+int32_t client_test_psa_wait_signal_mask(security_t);
+#endif
diff --git a/api-tests/ff/ipc/test_i063/test_supp_i063.c b/api-tests/ff/ipc/test_i063/test_supp_i063.c
new file mode 100644
index 0000000..99990e2
--- /dev/null
+++ b/api-tests/ff/ipc/test_i063/test_supp_i063.c
@@ -0,0 +1,101 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_wait_signal_mask(void);
+
+server_test_t test_i063_server_tests_list[] = {
+ NULL,
+ server_test_psa_wait_signal_mask,
+ NULL,
+};
+
+int32_t server_test_psa_wait_signal_mask(void)
+{
+ psa_signal_t signals = 0;
+ psa_msg_t msg = {0};
+ int loop_cnt = 2;
+ psa_signal_t signal_mask = (SERVER_UNSPECIFED_MINOR_V_SIG | SERVER_RELAX_MINOR_VERSION_SIG);
+
+ /* Debug print */
+ val_err_check_set(TEST_CHECKPOINT_NUM(211), VAL_STATUS_SUCCESS);
+
+ /* Notify client partition to make SERVER_SECURE_CONNECT_ONLY_SID connection request.
+ * This connection request act as irritator to psa_wait(signal_mask) call and it is used
+ * to cover the rule - Signals that are not in signal_mask should be ignored by psa_wait.
+ * This means, during the following while loop, returned signal vaule should not be
+ * SERVER_SECURE_CONNECT_ONLY_SIG as this signal is not part of signal_mask.
+ */
+ psa_notify(CLIENT_PARTITION);
+
+ while (loop_cnt != 0)
+ {
+ signals = psa_wait(signal_mask, PSA_BLOCK);
+
+ /* Rule - Returned signals value must be subset signals indicated in the signal_mask.
+ *
+ * This mean signal value should be either SERVER_UNSPECIFED_MINOR_V_SIG
+ * or SERVER_RELAX_MINOR_VERSION_SIG.
+ */
+ if (((signals & signal_mask) == 0) &&
+ ((signals | signal_mask) != signal_mask))
+ {
+ val_print(PRINT_ERROR,
+ "psa_wait-1 returned with invalid signal value = 0x%x\n", signals);
+ return VAL_STATUS_ERROR;
+ }
+ else if (signals & SERVER_UNSPECIFED_MINOR_V_SIG)
+ {
+ if (psa_get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg) != PSA_SUCCESS)
+ continue;
+
+ loop_cnt--;
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ }
+ else if (signals & SERVER_RELAX_MINOR_VERSION_SIG)
+ {
+ if (psa_get(SERVER_RELAX_MINOR_VERSION_SIG, &msg) != PSA_SUCCESS)
+ continue;
+
+ loop_cnt--;
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ }
+ }
+
+ /* Debug print */
+ val_err_check_set(TEST_CHECKPOINT_NUM(212), VAL_STATUS_SUCCESS);
+
+wait:
+ /* At the end, completes the starved connection
+ * request of SERVER_SECURE_CONNECT_ONLY_SID.
+ */
+ signals = psa_wait(SERVER_SECURE_CONNECT_ONLY_SIG, PSA_BLOCK);
+ if ((signals & SERVER_SECURE_CONNECT_ONLY_SIG) == 0)
+ {
+ val_print(PRINT_ERROR,
+ "psa_wait-2 returned with invalid signal value = 0x%x\n", signals);
+ return VAL_STATUS_ERROR;
+ }
+
+ if (psa_get(SERVER_SECURE_CONNECT_ONLY_SIG, &msg) != PSA_SUCCESS)
+ goto wait;
+
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/ff/ipc/test_i064/source.mk b/api-tests/ff/ipc/test_i064/source.mk
new file mode 100644
index 0000000..4f5a486
--- /dev/null
+++ b/api-tests/ff/ipc/test_i064/source.mk
@@ -0,0 +1,25 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i064.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
+
+CC_SOURCE_SPE = test_i064.c test_supp_i064.c
+CC_OPTIONS_SPE =
+AS_SOURCE_SPE =
+AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i064/test_entry.c b/api-tests/ff/ipc/test_i064/test_entry.c
new file mode 100644
index 0000000..bbdf97e
--- /dev/null
+++ b/api-tests/ff/ipc/test_i064/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i064.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 64)
+#define TEST_DESC "Testing psa_eoi with non-interrupt signal\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i064_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/ff/ipc/test_i064/test_i064.c b/api-tests/ff/ipc/test_i064/test_i064.c
new file mode 100644
index 0000000..46fe3c9
--- /dev/null
+++ b/api-tests/ff/ipc/test_i064/test_i064.c
@@ -0,0 +1,64 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val_client_defs.h"
+#include "val_partition_common.h"
+#endif
+
+#include "test_i064.h"
+
+client_test_t test_i064_client_tests_list[] = {
+ NULL,
+ client_test_psa_eoi_with_non_intr_signal,
+ NULL,
+};
+
+int32_t client_test_psa_eoi_with_non_intr_signal(security_t caller)
+{
+ psa_handle_t handle;
+ test_intr_fn_id_t test_intr_fn_id = TEST_PSA_EOI_WITH_NON_INTR_SIGNAL;
+
+ /*
+ * The interrupt related test check is captured in driver_partition.c as this is the
+ * only partition in test suite that holds the interrupt line. The interrupt test check
+ * is invoked by client by calling to TEST_INTR_SID RoT service of driver partition that
+ * hold the test check.
+ */
+
+ val->print(PRINT_TEST, "[Check1] Test psa_eoi with non-interrupt signal\n", 0);
+
+ /* Connect to TEST_INTR_SID */
+ handle = psa->connect(TEST_INTR_SID, 1);
+ if (handle < 0)
+ {
+ val->print(PRINT_ERROR, "\t psa_connect failed. handle=0x%x\n", handle);
+ return VAL_STATUS_SPM_FAILED;
+ }
+
+ /* Execute driver function related to TEST_PSA_EOI_WITH_NON_INTR_SIGNAL */
+ psa_invec invec = {&test_intr_fn_id, sizeof(test_intr_fn_id)};
+ psa->call(handle, &invec, 1, NULL, 0);
+
+ psa->close(handle);
+
+ /* The expectation is that driver partition hang and control never reaches here. */
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/api-tests/ff/ipc/test_i064/test_i064.h b/api-tests/ff/ipc/test_i064/test_i064.h
new file mode 100644
index 0000000..2f964f1
--- /dev/null
+++ b/api-tests/ff/ipc/test_i064/test_i064.h
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_I064_CLIENT_TESTS_H_
+#define _TEST_I064_CLIENT_TESTS_H_
+
+#include "val_client_defs.h"
+
+#ifdef NONSECURE_TEST_BUILD
+#define test_entry CONCAT(test_entry_,i064)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+#else
+#define val CONCAT(val,_client_sp)
+#define psa CONCAT(psa,_client_sp)
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i064_client_tests_list[];
+
+int32_t client_test_psa_eoi_with_non_intr_signal(security_t);
+#endif
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c b/api-tests/ff/ipc/test_i064/test_supp_i064.c
similarity index 60%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
copy to api-tests/ff/ipc/test_i064/test_supp_i064.c
index 14649e9..5eb1143 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
+++ b/api-tests/ff/ipc/test_i064/test_supp_i064.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,17 +15,18 @@
* limitations under the License.
**/
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
-#include "pal_common.h"
-#include "pal_crypto_intf.h"
+int32_t server_test_psa_eoi_with_non_intr_signal(void);
-/**
- @brief - This API will call the requested crypto function
- @param - type : function code
- valist : variable argument list
- @return - error status
-**/
-psa_status_t pal_crypto_function(int type, va_list valist)
+server_test_t test_i064_server_tests_list[] = {
+ NULL,
+ server_test_psa_eoi_with_non_intr_signal,
+ NULL,
+};
+
+int32_t server_test_psa_eoi_with_non_intr_signal(void)
{
- return PAL_STATUS_UNSUPPORTED_FUNC;
+ return VAL_STATUS_SUCCESS;
}
diff --git a/api-tests/ff/ipc/test_i065/source.mk b/api-tests/ff/ipc/test_i065/source.mk
new file mode 100644
index 0000000..9be71cf
--- /dev/null
+++ b/api-tests/ff/ipc/test_i065/source.mk
@@ -0,0 +1,25 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i065.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
+
+CC_SOURCE_SPE = test_i065.c test_supp_i065.c
+CC_OPTIONS_SPE =
+AS_SOURCE_SPE =
+AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i065/test_entry.c b/api-tests/ff/ipc/test_i065/test_entry.c
new file mode 100644
index 0000000..0a5494d
--- /dev/null
+++ b/api-tests/ff/ipc/test_i065/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i065.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 65)
+#define TEST_DESC "Testing psa_eoi with unasserted signal\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i065_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/ff/ipc/test_i065/test_i065.c b/api-tests/ff/ipc/test_i065/test_i065.c
new file mode 100644
index 0000000..92cdeda
--- /dev/null
+++ b/api-tests/ff/ipc/test_i065/test_i065.c
@@ -0,0 +1,64 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val_client_defs.h"
+#include "val_partition_common.h"
+#endif
+
+#include "test_i065.h"
+
+client_test_t test_i065_client_tests_list[] = {
+ NULL,
+ client_test_psa_eoi_with_unasserted_signal,
+ NULL,
+};
+
+int32_t client_test_psa_eoi_with_unasserted_signal(security_t caller)
+{
+ psa_handle_t handle;
+ test_intr_fn_id_t test_intr_fn_id = TEST_PSA_EOI_WITH_UNASSERTED_SIGNAL;
+
+ /*
+ * The interrupt related test check is captured in driver_partition.c as this is the
+ * only partition in test suite that holds the interrupt line. The interrupt test check
+ * is invoked by client by calling to TEST_INTR_SID RoT service of driver partition that
+ * hold the test check.
+ */
+
+ val->print(PRINT_TEST, "[Check1] Test psa_eoi with multiple signal\n", 0);
+
+ /* Connect to TEST_INTR_SID */
+ handle = psa->connect(TEST_INTR_SID, 1);
+ if (handle < 0)
+ {
+ val->print(PRINT_ERROR, "\t psa_connect failed. handle=0x%x\n", handle);
+ return VAL_STATUS_SPM_FAILED;
+ }
+
+ /* Execute driver function related to TEST_PSA_EOI_WITH_UNASSERTED_SIGNAL */
+ psa_invec invec = {&test_intr_fn_id, sizeof(test_intr_fn_id)};
+ psa->call(handle, &invec, 1, NULL, 0);
+
+ psa->close(handle);
+
+ /* The expectation is that driver partition hang and control never reaches here. */
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/api-tests/ff/ipc/test_i065/test_i065.h b/api-tests/ff/ipc/test_i065/test_i065.h
new file mode 100644
index 0000000..74289ac
--- /dev/null
+++ b/api-tests/ff/ipc/test_i065/test_i065.h
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_I065_CLIENT_TESTS_H_
+#define _TEST_I065_CLIENT_TESTS_H_
+
+#include "val_client_defs.h"
+
+#ifdef NONSECURE_TEST_BUILD
+#define test_entry CONCAT(test_entry_,i065)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+#else
+#define val CONCAT(val,_client_sp)
+#define psa CONCAT(psa,_client_sp)
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i065_client_tests_list[];
+
+int32_t client_test_psa_eoi_with_unasserted_signal(security_t);
+#endif
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c b/api-tests/ff/ipc/test_i065/test_supp_i065.c
similarity index 60%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
copy to api-tests/ff/ipc/test_i065/test_supp_i065.c
index 14649e9..1388840 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
+++ b/api-tests/ff/ipc/test_i065/test_supp_i065.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,17 +15,18 @@
* limitations under the License.
**/
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
-#include "pal_common.h"
-#include "pal_crypto_intf.h"
+int32_t server_test_psa_eoi_with_non_intr_signal(void);
-/**
- @brief - This API will call the requested crypto function
- @param - type : function code
- valist : variable argument list
- @return - error status
-**/
-psa_status_t pal_crypto_function(int type, va_list valist)
+server_test_t test_i065_server_tests_list[] = {
+ NULL,
+ server_test_psa_eoi_with_non_intr_signal,
+ NULL,
+};
+
+int32_t server_test_psa_eoi_with_unasserted_signal(void)
{
- return PAL_STATUS_UNSUPPORTED_FUNC;
+ return VAL_STATUS_SUCCESS;
}
diff --git a/api-tests/ff/ipc/test_i066/source.mk b/api-tests/ff/ipc/test_i066/source.mk
new file mode 100644
index 0000000..818fcc5
--- /dev/null
+++ b/api-tests/ff/ipc/test_i066/source.mk
@@ -0,0 +1,25 @@
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i066.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
+
+CC_SOURCE_SPE = test_i066.c test_supp_i066.c
+CC_OPTIONS_SPE =
+AS_SOURCE_SPE =
+AS_OPTIONS_SPE =
\ No newline at end of file
diff --git a/api-tests/ff/ipc/test_i066/test_entry.c b/api-tests/ff/ipc/test_i066/test_entry.c
new file mode 100644
index 0000000..25059f3
--- /dev/null
+++ b/api-tests/ff/ipc/test_i066/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i066.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 66)
+#define TEST_DESC "Testing psa_eoi with multiple signals\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i066_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/api-tests/ff/ipc/test_i066/test_i066.c b/api-tests/ff/ipc/test_i066/test_i066.c
new file mode 100644
index 0000000..fb110d6
--- /dev/null
+++ b/api-tests/ff/ipc/test_i066/test_i066.c
@@ -0,0 +1,64 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val_client_defs.h"
+#include "val_partition_common.h"
+#endif
+
+#include "test_i066.h"
+
+client_test_t test_i066_client_tests_list[] = {
+ NULL,
+ client_test_psa_eoi_with_multiple_signals,
+ NULL,
+};
+
+int32_t client_test_psa_eoi_with_multiple_signals(security_t caller)
+{
+ psa_handle_t handle;
+ test_intr_fn_id_t test_intr_fn_id = TEST_PSA_EOI_WITH_MULTIPLE_SIGNALS;
+
+ /*
+ * The interrupt related test check is captured in driver_partition.c as this is the
+ * only partition in test suite that holds the interrupt line. The interrupt test check
+ * is invoked by client by calling to TEST_INTR_SID RoT service of driver partition that
+ * hold the test check.
+ */
+
+ val->print(PRINT_TEST, "[Check1] Test psa_eoi with multiple signals\n", 0);
+
+ /* Connect to TEST_INTR_SID */
+ handle = psa->connect(TEST_INTR_SID, 1);
+ if (handle < 0)
+ {
+ val->print(PRINT_ERROR, "\t psa_connect failed. handle=0x%x\n", handle);
+ return VAL_STATUS_SPM_FAILED;
+ }
+
+ /* Execute driver function related to TEST_PSA_EOI_WITH_MULTIPLE_SIGNALS */
+ psa_invec invec = {&test_intr_fn_id, sizeof(test_intr_fn_id)};
+ psa->call(handle, &invec, 1, NULL, 0);
+
+ psa->close(handle);
+
+ /* The expectation is that driver partition hang and control never reaches here. */
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/api-tests/ff/ipc/test_i066/test_i066.h b/api-tests/ff/ipc/test_i066/test_i066.h
new file mode 100644
index 0000000..bc3b9cf
--- /dev/null
+++ b/api-tests/ff/ipc/test_i066/test_i066.h
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_I066_CLIENT_TESTS_H_
+#define _TEST_I066_CLIENT_TESTS_H_
+
+#include "val_client_defs.h"
+
+#ifdef NONSECURE_TEST_BUILD
+#define test_entry CONCAT(test_entry_,i066)
+#define val CONCAT(val,test_entry)
+#define psa CONCAT(psa,test_entry)
+#else
+#define val CONCAT(val,_client_sp)
+#define psa CONCAT(psa,_client_sp)
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i066_client_tests_list[];
+
+int32_t client_test_psa_eoi_with_multiple_signals(security_t);
+#endif
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c b/api-tests/ff/ipc/test_i066/test_supp_i066.c
similarity index 60%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
copy to api-tests/ff/ipc/test_i066/test_supp_i066.c
index 14649e9..8748951 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
+++ b/api-tests/ff/ipc/test_i066/test_supp_i066.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,17 +15,18 @@
* limitations under the License.
**/
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
-#include "pal_common.h"
-#include "pal_crypto_intf.h"
+int32_t server_test_psa_eoi_with_non_intr_signal(void);
-/**
- @brief - This API will call the requested crypto function
- @param - type : function code
- valist : variable argument list
- @return - error status
-**/
-psa_status_t pal_crypto_function(int type, va_list valist)
+server_test_t test_i066_server_tests_list[] = {
+ NULL,
+ server_test_psa_eoi_with_non_intr_signal,
+ NULL,
+};
+
+int32_t server_test_psa_eoi_with_multiple_signals(void)
{
- return PAL_STATUS_UNSUPPORTED_FUNC;
+ return VAL_STATUS_SUCCESS;
}
diff --git a/api-tests/ff/ipc/testsuite.db b/api-tests/ff/ipc/testsuite.db
index ba07652..4bff10e 100644
--- a/api-tests/ff/ipc/testsuite.db
+++ b/api-tests/ff/ipc/testsuite.db
@@ -1,5 +1,5 @@
#/** @file
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
# * SPDX-License-Identifier : Apache-2.0
# *
# * Licensed under the Apache License, Version 2.0 (the "License");
@@ -66,5 +66,25 @@
test_i044
test_i045
test_i046
+test_i047
+test_i048
+test_i049
+test_i050
+test_i051
+test_i052
+test_i053
+test_i054
+test_i055
+test_i056
+test_i057
+test_i058
+test_i059
+test_i060
+test_i061
+test_i062
+test_i063
+test_i064
+test_i065
+test_i066
(END)
diff --git a/api-tests/ff/partition/common/driver_partition.c b/api-tests/ff/partition/common/driver_partition.c
index 52c1705..6523fd5 100644
--- a/api-tests/ff/partition/common/driver_partition.c
+++ b/api-tests/ff/partition/common/driver_partition.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -17,17 +17,26 @@
#include "val/spe/val_driver_service_apis.h"
+int32_t driver_test_psa_eoi_with_non_intr_signal(void);
+int32_t driver_test_psa_eoi_with_unasserted_signal(void);
+int32_t driver_test_psa_eoi_with_multiple_signals(void);
+
void driver_main(void)
{
- psa_signal_t signals = 0;
- psa_msg_t msg = {0};
- uint32_t data = 0;
- uart_fn_type_t uart_fn;
- nvmem_param_t nvmem_param;
- char string[256] = {0};
- uint8_t buffer[256] = {0};
- wd_param_t wd_param;
- addr_t uart_base;
+ psa_signal_t signals = 0;
+ psa_msg_t msg = {0};
+ uint32_t data = 0;
+ uart_fn_type_t uart_fn;
+ nvmem_param_t nvmem_param;
+ test_intr_fn_id_t test_intr_fn_id;
+ char string[256] = {0};
+ uint8_t buffer[256] = {0};
+ wd_param_t wd_param;
+ addr_t uart_base;
+
+ /* Initialised driver mmio space */
+ if (val_init_driver_memory())
+ TEST_PANIC();
while (1)
{
@@ -86,7 +95,7 @@
}
/* Service Watchdog functionality */
- if (signals & DRIVER_WATCHDOG_SIG)
+ else if (signals & DRIVER_WATCHDOG_SIG)
{
psa_get(DRIVER_WATCHDOG_SIG, &msg);
switch (msg.type)
@@ -139,7 +148,7 @@
}
/* Service NVMEM functionality */
- if (signals & DRIVER_NVMEM_SIG)
+ else if (signals & DRIVER_NVMEM_SIG)
{
psa_get(DRIVER_NVMEM_SIG, &msg);
switch (msg.type)
@@ -197,12 +206,129 @@
break;
}
}
-
- if (signals == 0)
+ /* SID reserved for interrupt testing */
+ else if (signals & TEST_INTR_SIG)
{
- val_print_sf("psa_wait returned zero for PSA_BLOCK. Entering into infinite loop\n",
- 0);
- while (1);
+ psa_get(TEST_INTR_SIG, &msg);
+ switch (msg.type)
+ {
+ case PSA_IPC_CALL:
+ if (msg.in_size[0] > sizeof(test_intr_fn_id_t))
+ {
+ /* buffer overflow */
+ psa_reply(msg.handle, VAL_STATUS_ERROR);
+ val_print_sf("msg.in_size[0] buffer overflow\n", 0);
+ break;
+ }
+ else
+ {
+ psa_read(msg.handle, 0, &test_intr_fn_id, msg.in_size[0]);
+ }
+
+ switch (test_intr_fn_id)
+ {
+ case TEST_PSA_EOI_WITH_NON_INTR_SIGNAL:
+ driver_test_psa_eoi_with_non_intr_signal();
+ psa_reply(msg.handle, VAL_STATUS_ERROR);
+ break;
+ case TEST_PSA_EOI_WITH_UNASSERTED_SIGNAL:
+ driver_test_psa_eoi_with_unasserted_signal();
+ psa_reply(msg.handle, VAL_STATUS_ERROR);
+ break;
+ case TEST_PSA_EOI_WITH_MULTIPLE_SIGNALS:
+ driver_test_psa_eoi_with_multiple_signals();
+ psa_reply(msg.handle, VAL_STATUS_ERROR);
+ break;
+ case TEST_INTR_SERVICE:
+ break;
+ }
+ break;
+ case PSA_IPC_CONNECT:
+ case PSA_IPC_DISCONNECT:
+ psa_reply(msg.handle, PSA_SUCCESS);
+ break;
+ }
+ }
+ else
+ {
+ val_print_sf("Unexpected signal value=0x%x. Entering into infinite loop\n",
+ signals);
+ TEST_PANIC();
}
}
}
+
+int32_t driver_test_psa_eoi_with_non_intr_signal(void)
+{
+ /* Setting boot.state before test check */
+ if (val_driver_private_set_boot_flag_fn(BOOT_EXPECTED_NS))
+ {
+ val_print_sf("\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* psa_eoi should not return as signal is non-interrupt signal*/
+ psa_eoi(PSA_DOORBELL);
+
+ /* Control shouldn't have reached here */
+ val_print_sf("\tCheck for psa_eoi(non_intr_sig) failed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val_driver_private_set_boot_flag_fn(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val_print_sf("\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ return VAL_STATUS_SPM_FAILED;
+}
+
+int32_t driver_test_psa_eoi_with_unasserted_signal(void)
+{
+ /* Setting boot.state before test check */
+ if (val_driver_private_set_boot_flag_fn(BOOT_EXPECTED_NS))
+ {
+ val_print_sf("\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* psa_eoi should not return as DRIVER_UART_INTR_SIG is unasserted */
+ psa_eoi(DRIVER_UART_INTR_SIG);
+
+ /* Control shouldn't have reached here */
+ val_print_sf("\tCheck for psa_eoi(multiple_signals) failed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val_driver_private_set_boot_flag_fn(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val_print_sf("\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ return VAL_STATUS_SPM_FAILED;
+}
+
+int32_t driver_test_psa_eoi_with_multiple_signals(void)
+{
+ /* Setting boot.state before test check */
+ if (val_driver_private_set_boot_flag_fn(BOOT_EXPECTED_NS))
+ {
+ val_print_sf("\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* psa_eoi should not return as irq_signal is provided with multiple signals */
+ psa_eoi(DRIVER_UART_INTR_SIG|TEST_INTR_SIG);
+
+ /* Control shouldn't have reached here */
+ val_print_sf("\tCheck for psa_eoi(multiple_signals) failed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val_driver_private_set_boot_flag_fn(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val_print_sf("\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/api-tests/ff/partition/ipc/client_partition.c b/api-tests/ff/partition/ipc/client_partition.c
index fe9c9d5..794f6d2 100644
--- a/api-tests/ff/partition/ipc/client_partition.c
+++ b/api-tests/ff/partition/ipc/client_partition.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -88,13 +88,22 @@
break;
default:
val_print(PRINT_ERROR, "Unexpected message type %d!", (int)(msg.type));
- while (1);
+ TEST_PANIC();
}
}
+ /* Server_partition requests client to connect to SERVER_SECURE_CONNECT_ONLY_SID */
+ else if (signals & PSA_DOORBELL)
+ {
+ if (psa_connect(SERVER_SECURE_CONNECT_ONLY_SID, 2) != PSA_CONNECTION_REFUSED)
+ {
+ val_print(PRINT_ERROR, "psa_connect failed \n", 0);
+ }
+ psa_clear();
+ }
else
{
val_print(PRINT_ERROR, "In client_partition, Control shouldn't have reach here\n", 0);
- while (1);
+ TEST_PANIC();
}
}
}
diff --git a/api-tests/ff/partition/ipc/client_partition.h b/api-tests/ff/partition/ipc/client_partition.h
index 9f3dbd3..2592243 100644
--- a/api-tests/ff/partition/ipc/client_partition.h
+++ b/api-tests/ff/partition/ipc/client_partition.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -17,8 +17,9 @@
#ifndef _CLIENT_PART_H_
#define _CLIENT_PART_H_
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+
+#include "val_client_defs.h"
+#include "val_partition_common.h"
typedef client_test_t (*client_test_list_t);
diff --git a/api-tests/ff/partition/ipc/server_partition.c b/api-tests/ff/partition/ipc/server_partition.c
index 5d8d446..35c0641 100644
--- a/api-tests/ff/partition/ipc/server_partition.c
+++ b/api-tests/ff/partition/ipc/server_partition.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -91,13 +91,13 @@
break;
default:
val_print(PRINT_ERROR, "Unexpected message type %d!", (int)(msg.type));
- while (1);
+ TEST_PANIC();
}
}
else
{
val_print(PRINT_ERROR, "In server_partition, Control shouldn't have reach here\n", 0);
- while (1);
+ TEST_PANIC();
}
}
}
diff --git a/api-tests/ff/partition/ipc/server_partition.h b/api-tests/ff/partition/ipc/server_partition.h
index 55d45f3..8fa0cb9 100644
--- a/api-tests/ff/partition/ipc/server_partition.h
+++ b/api-tests/ff/partition/ipc/server_partition.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -17,8 +17,8 @@
#ifndef _SERVER_PART_H_
#define _SERVER_PART_H_
-#include "val/common/val_client_defs.h"
-#include "val/spe/val_partition_common.h"
+#include "val_client_defs.h"
+#include "val_partition_common.h"
typedef server_test_t (*server_test_list_t);
diff --git a/api-tests/platform/drivers/uart/cmsdk/pal_uart.c b/api-tests/platform/drivers/uart/cmsdk/pal_uart.c
index 48515c1..5ccc5fc 100644
--- a/api-tests/platform/drivers/uart/cmsdk/pal_uart.c
+++ b/api-tests/platform/drivers/uart/cmsdk/pal_uart.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -41,7 +41,7 @@
static int pal_uart_cmsdk_is_tx_empty(void)
{
/* Note: Check for empty TX FIFO */
- return (!((uart_t *) g_uart)->STATE & CMSDK_UART_STATE_TXBF_Msk);
+ return (!(((uart_t *) g_uart)->STATE & CMSDK_UART_STATE_TXBF_Msk));
}
/**
diff --git a/api-tests/platform/drivers/uart/musca_a/pal_uart.c b/api-tests/platform/drivers/uart/musca_a/pal_uart.c
new file mode 100644
index 0000000..e162b01
--- /dev/null
+++ b/api-tests/platform/drivers/uart/musca_a/pal_uart.c
@@ -0,0 +1,120 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "pal_uart.h"
+
+volatile uint32_t uart;
+
+/**
+ @brief - This function initializes the UART
+ @param - uart_base_addr: Base address of UART
+**/
+void pal_uart_init(uint32_t uart_base_addr)
+{
+ uart = uart_base_addr;
+}
+
+/**
+ @brief - This function checks for empty TX FIFO
+**/
+static int pal_uart_is_tx_empty(void)
+{
+ if ((((uart_gt *)uart)->uartcr & UART_PL011_UATRCR_EN_MASK) &&
+ /* UART is enabled */
+ (((uart_gt *)uart)->uartcr & UART_PL011_UARTCR_TX_EN_MASK) &&
+ /* Transmit is enabled */
+ ((((uart_gt *)uart)->uartfr & UART_PL011_UARTFR_TX_FIFO_FULL) == 0))
+ {
+ return 1;
+ }
+ else {
+ return 0;
+ }
+}
+
+/**
+ @brief - This function checks for empty TX FIFO and writes to FIFO register
+**/
+static void pal_uart_putc(uint8_t c)
+{
+ const uint8_t pdata = (uint8_t)c;
+
+ /* ensure TX buffer to be empty */
+ while(!pal_uart_is_tx_empty());
+
+ /* write the data (upper 24 bits are reserved) */
+ ((uart_gt *)uart)->uartdr = pdata;
+}
+
+/**
+ @brief - This function parses the input string and writes bytes into UART TX FIFO
+ @param - str : Input String
+ - data : Value for format specifier
+**/
+void pal_uart_print(char *str, uint32_t data)
+{
+ uint8_t j, buffer[16];
+ int8_t i = 0;
+
+ for (; *str != '\0'; ++str)
+ {
+ if (*str == '%')
+ {
+ ++str;
+ if (*str == 'd')
+ {
+ while (data != 0)
+ {
+ j = data % 10;
+ data = data /10;
+ buffer[i] = j + 48;
+ i += 1;
+ }
+ }
+ else if (*str == 'x' || *str == 'X')
+ {
+ while (data != 0)
+ {
+ j = data & 0xf;
+ data >>= 4;
+ buffer[i] = j + ((j > 9) ? 55 : 48);
+ i += 1;
+ }
+ }
+ if (i > 0)
+ {
+ while (i > 0)
+ {
+ pal_uart_putc(buffer[--i]);
+ }
+ }
+ else
+ {
+ pal_uart_putc(48);
+ }
+ }
+ else
+ {
+ pal_uart_putc(*str);
+
+ if (*str == '\n')
+ {
+ pal_uart_putc('\r');
+ }
+ }
+ }
+}
diff --git a/api-tests/platform/drivers/uart/musca_a/pal_uart.h b/api-tests/platform/drivers/uart/musca_a/pal_uart.h
new file mode 100644
index 0000000..911255f
--- /dev/null
+++ b/api-tests/platform/drivers/uart/musca_a/pal_uart.h
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_UART_CMSDK_H_
+#define _PAL_UART_CMSDK_H_
+
+#include <stdint.h>
+
+/* typedef's */
+typedef struct
+{
+ volatile uint32_t uartdr; /* Offset: 0x000 (R/W) Data Register */
+ union {
+ volatile uint32_t uartrsr; /* Offset: 0x004 (R/ ) Receive status register */
+ volatile uint32_t uartecr; /* Offset: 0x004 ( /W) Error clear register */
+ };
+ volatile uint32_t reserved_0[4]; /* Offset: 0x008-0x014 Reserved */
+ volatile uint32_t uartfr; /* Offset: 0x018 (R/ ) Flag register */
+ volatile uint32_t reserved_1; /* Offset: 0x01C Reserved */
+ volatile uint32_t uartilpr; /* Offset: 0x020 (R/W) IrDA low-power counter register */
+ volatile uint32_t uartibrd; /* Offset: 0x024 (R/W) Integer baud rate register */
+ volatile uint32_t uartfbrd; /* Offset: 0x028 (R/W) Fractional baud rate register */
+ volatile uint32_t uartlcr_h; /* Offset: 0x02C (R/W) Line control register */
+ volatile uint32_t uartcr; /* Offset: 0x030 (R/W) Control register */
+} uart_gt;
+
+#define UART_PL011_UARTCR_UARTEN_OFF 0x0u
+#define UART_PL011_UARTCR_TXE_OFF 0x8u
+#define UART_PL011_UARTFR_TX_FIFO_FULL_OFF 0x5u
+
+#define UART_PL011_UATRCR_EN_MASK (0x1u << UART_PL011_UARTCR_UARTEN_OFF)
+#define UART_PL011_UARTCR_TX_EN_MASK (0x1u << UART_PL011_UARTCR_TXE_OFF)
+#define UART_PL011_UARTFR_TX_FIFO_FULL (0x1u << UART_PL011_UARTFR_TX_FIFO_FULL_OFF)
+
+/* function prototypes */
+void pal_uart_init(uint32_t uart_base_addr);
+void pal_uart_print(char *str, uint32_t data);
+
+#endif /* _PAL_UART_CMSDK_H_ */
diff --git a/api-tests/platform/drivers/watchdog/cmsdk/pal_wd_cmsdk.c b/api-tests/platform/drivers/watchdog/cmsdk/pal_wd_cmsdk.c
index e9d20bb..b27516d 100644
--- a/api-tests/platform/drivers/watchdog/cmsdk/pal_wd_cmsdk.c
+++ b/api-tests/platform/drivers/watchdog/cmsdk/pal_wd_cmsdk.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -29,7 +29,7 @@
/* Disable Timer */
((wd_timer_t *)base_addr)->CTRL = 0x0;
- if (time_us == 0 )
+ if (time_us == 0)
{
((wd_timer_t *)base_addr)->LOAD = 0;
}
@@ -48,10 +48,8 @@
**/
int pal_wd_cmsdk_enable(addr_t base_addr)
{
- /* Enable Interrupt */
- ((wd_timer_t *)base_addr)->CTRL = Watchdog_CTRL_INTEN_Msk;
- /* Enable Reset */
- ((wd_timer_t *)base_addr)->CTRL |= Watchdog_CTRL_RESEN_Msk;
+ /* Enable counter by enabling intr and reset */
+ ((wd_timer_t *)base_addr)->CTRL = (Watchdog_CTRL_INTEN_Msk | Watchdog_CTRL_RESEN_Msk);
return 0;
}
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_client_api_intf.h b/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_client_api_intf.h
deleted file mode 100644
index cac75d2..0000000
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_client_api_intf.h
+++ /dev/null
@@ -1,74 +0,0 @@
-/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
- * SPDX-License-Identifier : Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
-**/
-
-#ifndef _PAL_CLIENT_API_H_
-#define _PAL_CLIENT_API_H_
-
-#if PSA_IPC_IMPLEMENTED
-/* psa/client.h: Contains the Client API elements. Accessible to all applications */
-#include "psa/client.h"
-
-/* psa_manifest/sid.h: Macro definitions derived from manifest files that map from RoT Service
- * names to Service IDs (SIDs).
- * Partition manifest parse build tool must provide the implementation of this file.
-*/
-#include "psa_manifest/sid.h"
-
-#else
-#include "pal_common.h"
-
-#define PSA_VERSION_NONE (0)
-#define PSA_SUCCESS (0)
-#define PSA_CONNECTION_REFUSED (INT32_MIN + 1)
-#define PSA_CONNECTION_BUSY (INT32_MIN + 2)
-#define PSA_DROP_CONNECTION (INT32_MIN)
-#define PSA_NULL_HANDLE ((psa_handle_t)0)
-
-typedef int32_t psa_status_t;
-typedef int32_t psa_handle_t;
-
-typedef struct psa_invec {
- const void *base;
- size_t len;
-} psa_invec;
-
-typedef struct psa_outvec {
- void *base;
- size_t len;
-} psa_outvec;
-
-uint32_t psa_framework_version(void);
-uint32_t psa_version(uint32_t sid);
-psa_handle_t psa_connect(uint32_t sid, uint32_t minor_version);
-psa_status_t psa_call(psa_handle_t handle,
- const psa_invec *in_vec,
- size_t in_len,
- psa_outvec *out_vec,
- size_t out_len);
-void psa_close(psa_handle_t handle);
-#endif /* PSA_IPC_IMPLEMENTED */
-
-uint32_t pal_ipc_framework_version(void);
-uint32_t pal_ipc_version(uint32_t sid);
-psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version);
-psa_status_t pal_ipc_call(psa_handle_t handle,
- const psa_invec *in_vec,
- size_t in_len,
- psa_outvec *out_vec,
- size_t out_len);
-void pal_ipc_close(psa_handle_t handle);
-#endif /* _PAL_CLIENT_API_H_ */
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_intf.c b/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_intf.c
deleted file mode 100644
index b0aa361..0000000
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_intf.c
+++ /dev/null
@@ -1,204 +0,0 @@
-/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
- * SPDX-License-Identifier : Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
-**/
-
-
-#include "pal_crypto_intf.h"
-
-/**
- @brief - This API will call the requested crypto function
- @param - type : function code
- valist : variable argument list
- @return - error status
-**/
-psa_status_t pal_crypto_function(int type, va_list valist)
-{
- size_t size, *length, salt_length, label_length, ciphertext_size;
- uint8_t *buffer, *ciphertext;
- const uint8_t *salt, *label, *nonce, *additional_data, *plaintext;
- uint32_t status;
- const void *extra;
- size_t extra_size, capacity, *gen_cap, nonce_length, additional_data_length;
- psa_key_slot_t key_slot;
- psa_key_type_t key_type, *key_type_out;
- psa_key_policy_t *policy;
- psa_key_usage_t usage, *usage_out;
- psa_key_lifetime_t lifetime, *lifetime_out;
- psa_algorithm_t alg, *alg_out;
- psa_hash_operation_t *hash_operation;
- psa_mac_operation_t *mac_operation;
- psa_crypto_generator_t *generator;
-
- switch (type)
- {
- case PAL_CRYPTO_INIT:
- return psa_crypto_init();
- case PAL_CRYPTO_GENERATE_RANDOM:
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, int);
- return psa_generate_random(buffer, size);
- case PAL_CRYPTO_IMPORT_KEY:
- key_slot = va_arg(valist, psa_key_slot_t);
- key_type = va_arg(valist, psa_key_type_t);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, int);
- status = psa_import_key(key_slot, key_type, buffer, size);
- return status;
- case PAL_CRYPTO_EXPORT_KEY:
- key_slot = va_arg(valist, psa_key_slot_t);
- buffer = (uint8_t *)(va_arg(valist, uint8_t*));
- size = va_arg(valist, int);
- length = (size_t *)va_arg(valist, size_t*);
- status = psa_export_key(key_slot, buffer, size, length);
- return status;
- case PAL_CRYPTO_EXPORT_PUBLIC_KEY:
- key_slot = va_arg(valist, psa_key_slot_t);
- buffer = (uint8_t *)(va_arg(valist, uint8_t*));
- size = va_arg(valist, int);
- length = (size_t *)va_arg(valist, size_t*);
- status = psa_export_public_key(key_slot, buffer, size, length);
- return status;
- case PAL_CRYPTO_KEY_POLICY_INIT:
- policy = va_arg(valist, psa_key_policy_t*);
- psa_key_policy_init(policy);
- return 0;
- case PAL_CRYPTO_KEY_POLICY_SET_USAGE:
- policy = va_arg(valist, psa_key_policy_t*);
- usage = va_arg(valist, psa_key_usage_t);
- alg = va_arg(valist, psa_algorithm_t);
- psa_key_policy_set_usage(policy, usage, alg);
- return 0;
- case PAL_CRYPTO_SET_KEY_POLICY:
- key_slot = va_arg(valist, psa_key_slot_t);
- policy = va_arg(valist, psa_key_policy_t*);
- return psa_set_key_policy(key_slot, policy);
- case PAL_CRYPTO_DESTROY_KEY:
- key_slot = va_arg(valist, psa_key_slot_t);
- status = psa_destroy_key(key_slot);
- return status;
- case PAL_CRYPTO_GET_KEY_INFORMATION:
- key_slot = va_arg(valist, psa_key_slot_t);
- key_type_out = va_arg(valist, psa_key_type_t*);
- length = (size_t *)va_arg(valist, size_t*);
- status = psa_get_key_information(key_slot, key_type_out, length);
- return status;
- case PAL_CRYPTO_GET_KEY_POLICY:
- key_slot = va_arg(valist, psa_key_slot_t);
- policy = va_arg(valist, psa_key_policy_t*);
- return psa_get_key_policy(key_slot, policy);
- case PAL_CRYPTO_KEY_POLICY_GET_USAGE:
- policy = va_arg(valist, psa_key_policy_t*);
- usage_out = va_arg(valist, psa_key_usage_t*);
- *usage_out = psa_key_policy_get_usage(policy);
- return 0;
- case PAL_CRYPTO_KEY_POLICY_GET_ALGORITHM:
- policy = va_arg(valist, psa_key_policy_t*);
- alg_out = va_arg(valist, psa_algorithm_t*);
- *alg_out = psa_key_policy_get_algorithm(policy);
- return 0;
- case PAL_CRYPTO_GET_KEY_LIFETIME:
- key_slot = va_arg(valist, psa_key_slot_t);
- lifetime_out = va_arg(valist, psa_key_lifetime_t*);
- return psa_get_key_lifetime(key_slot, lifetime_out);
- case PAL_CRYPTO_SET_KEY_LIFETIME:
- key_slot = va_arg(valist, psa_key_slot_t);
- lifetime = va_arg(valist, psa_key_lifetime_t);
- return psa_set_key_lifetime(key_slot, lifetime);
- case PAL_CRYPTO_HASH_SETUP:
- hash_operation = va_arg(valist, psa_hash_operation_t*);
- alg = va_arg(valist, psa_algorithm_t);
- return psa_hash_setup(hash_operation, alg);
- case PAL_CRYPTO_HASH_UPDATE:
- hash_operation = va_arg(valist, psa_hash_operation_t*);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- return psa_hash_update(hash_operation, buffer, size);
- case PAL_CRYPTO_HASH_VERIFY:
- hash_operation = va_arg(valist, psa_hash_operation_t*);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- return psa_hash_verify(hash_operation, buffer, size);
- case PAL_CRYPTO_HASH_FINISH:
- hash_operation = va_arg(valist, psa_hash_operation_t*);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_hash_finish(hash_operation, buffer, size, length);
- case PAL_CRYPTO_HASH_ABORT:
- hash_operation = va_arg(valist, psa_hash_operation_t*);
- return psa_hash_abort(hash_operation);
- case PAL_CRYPTO_GENERATE_KEY:
- key_slot = va_arg(valist, psa_key_slot_t);
- key_type = va_arg(valist, psa_key_type_t);
- size = va_arg(valist, size_t);
- extra = va_arg(valist, const void*);
- extra_size = va_arg(valist, size_t);
- return psa_generate_key(key_slot, key_type, size, extra, extra_size);
- case PAL_CRYPTO_GENERATOR_READ:
- generator = va_arg(valist, psa_crypto_generator_t*);
- buffer = va_arg(valist, uint8_t*);
- size = va_arg(valist, int);
- return psa_generator_read(generator, buffer, size);
- case PAL_CRYPTO_KEY_DERIVATION:
- generator = va_arg(valist, psa_crypto_generator_t*);
- key_slot = va_arg(valist, psa_key_slot_t);
- alg = va_arg(valist, psa_algorithm_t);
- salt = va_arg(valist, const uint8_t *);
- salt_length = va_arg(valist, size_t);
- label = va_arg(valist, const uint8_t *);
- label_length = va_arg(valist, size_t);
- capacity = va_arg(valist, size_t);
- return psa_key_derivation(generator, key_slot, alg, salt, salt_length, label,
- label_length, capacity);
- case PAL_CRYPTO_GET_GENERATOR_CAPACITY:
- generator = va_arg(valist, psa_crypto_generator_t*);
- gen_cap = va_arg(valist, size_t*);
- return psa_get_generator_capacity(generator, gen_cap);
- case PAL_CRYPTO_GENERATOR_IMPORT_KEY:
- key_slot = va_arg(valist, psa_key_slot_t);
- key_type = va_arg(valist, psa_key_type_t);
- size = va_arg(valist, size_t);
- generator = va_arg(valist, psa_crypto_generator_t*);
- return psa_generator_import_key(key_slot, key_type, size, generator);
- case PAL_CRYPTO_GENERATOR_ABORT:
- generator = va_arg(valist, psa_crypto_generator_t*);
- return psa_generator_abort(generator);
- case PAL_CRYPTO_AEAD_ENCRYPT:
- key_slot = va_arg(valist, psa_key_slot_t);
- alg = va_arg(valist, psa_algorithm_t);
- nonce = va_arg(valist, const uint8_t *);
- nonce_length = va_arg(valist, size_t);
- additional_data = va_arg(valist, const uint8_t *);
- additional_data_length = va_arg(valist, size_t);
- plaintext = va_arg(valist, const uint8_t *);
- size = va_arg(valist, size_t);
- ciphertext = va_arg(valist, uint8_t *);
- ciphertext_size = va_arg(valist, size_t);
- length = va_arg(valist, size_t*);
- return psa_aead_encrypt(key_slot, alg, nonce, nonce_length, additional_data,
- additional_data_length, plaintext, size, ciphertext, ciphertext_size, length);
- case PAL_CRYPTO_MAC_SIGN_SETUP:
- mac_operation = va_arg(valist, psa_mac_operation_t*);
- key_slot = va_arg(valist, psa_key_slot_t);
- alg = va_arg(valist, psa_algorithm_t);
- return psa_mac_sign_setup(mac_operation, key_slot, alg);
- case PAL_CRYPTO_FREE:
- mbedtls_psa_crypto_free();
- return 0;
- default:
- return PAL_STATUS_UNSUPPORTED_FUNC;
- }
-}
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_intf.h b/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_intf.h
deleted file mode 100644
index 37fdef1..0000000
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_intf.h
+++ /dev/null
@@ -1,419 +0,0 @@
-/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
- * SPDX-License-Identifier : Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
-**/
-
-#ifndef _PAL_CRYPTO_H_
-#define _PAL_CRYPTO_H_
-
-#include <stdarg.h>
-#include "pal_common.h"
-
-#define PAL_STATUS_UNSUPPORTED_FUNC 0xFF
-
-typedef uint32_t psa_key_usage_t;
-typedef uint32_t psa_algorithm_t;
-typedef int32_t psa_status_t;
-typedef uint32_t psa_key_type_t;
-typedef uint32_t psa_key_slot_t;
-typedef uint32_t psa_key_lifetime_t;
-typedef struct mbedtls_cipher_base_t mbedtls_cipher_base_t;
-
-enum crypto_function_code {
- PAL_CRYPTO_INIT = 0x1,
- PAL_CRYPTO_GENERATE_RANDOM = 0x2,
- PAL_CRYPTO_IMPORT_KEY = 0x3,
- PAL_CRYPTO_EXPORT_KEY = 0x4,
- PAL_CRYPTO_EXPORT_PUBLIC_KEY = 0x5,
- PAL_CRYPTO_DESTROY_KEY = 0x6,
- PAL_CRYPTO_GET_KEY_INFO = 0x7,
- PAL_CRYPTO_KEY_POLICY_INIT = 0x8,
- PAL_CRYPTO_KEY_POLICY_SET_USAGE = 0x9,
- PAL_CRYPTO_KEY_POLICY_GET_USAGE = 0xA,
- PAL_CRYPTO_KEY_POLICY_GET_ALGORITHM = 0xB,
- PAL_CRYPTO_SET_KEY_POLICY = 0xC,
- PAL_CRYPTO_GET_KEY_POLICY = 0xD,
- PAL_CRYPTO_GET_KEY_INFORMATION = 0xE,
- PAL_CRYPTO_GET_KEY_LIFETIME = 0xF,
- PAL_CRYPTO_SET_KEY_LIFETIME = 0x10,
- PAL_CRYPTO_HASH_SETUP = 0x11,
- PAL_CRYPTO_HASH_UPDATE = 0x12,
- PAL_CRYPTO_HASH_VERIFY = 0x13,
- PAL_CRYPTO_HASH_FINISH = 0x14,
- PAL_CRYPTO_HASH_ABORT = 0x15,
- PAL_CRYPTO_GENERATE_KEY = 0x16,
- PAL_CRYPTO_GENERATOR_READ = 0x17,
- PAL_CRYPTO_KEY_DERIVATION = 0x18,
- PAL_CRYPTO_GET_GENERATOR_CAPACITY = 0x19,
- PAL_CRYPTO_GENERATOR_IMPORT_KEY = 0x20,
- PAL_CRYPTO_GENERATOR_ABORT = 0x21,
- PAL_CRYPTO_AEAD_ENCRYPT = 0x22,
- PAL_CRYPTO_MAC_SIGN_SETUP,
- PAL_CRYPTO_FREE = 0xFE,
-};
-
-struct psa_key_policy_s {
- psa_key_usage_t usage;
- psa_algorithm_t alg;
-};
-
-typedef struct {
- unsigned char cksum[16]; /*!< checksum of the data block */
- unsigned char state[48]; /*!< intermediate digest state */
- unsigned char buffer[16]; /*!< data block being processed */
- size_t left; /*!< amount of data in buffer */
-} mbedtls_md2_context;
-
-typedef struct {
- uint32_t total[2]; /*!< number of bytes processed */
- uint32_t state[4]; /*!< intermediate digest state */
- unsigned char buffer[64]; /*!< data block being processed */
-} mbedtls_md4_context;
-
-typedef struct {
- uint32_t total[2]; /*!< number of bytes processed */
- uint32_t state[4]; /*!< intermediate digest state */
- unsigned char buffer[64]; /*!< data block being processed */
-} mbedtls_md5_context;
-
-typedef struct {
- uint32_t total[2]; /*!< number of bytes processed */
- uint32_t state[5]; /*!< intermediate digest state */
- unsigned char buffer[64]; /*!< data block being processed */
-} mbedtls_ripemd160_context;
-
-typedef struct {
- uint32_t total[2]; /*!< The number of Bytes processed. */
- uint32_t state[5]; /*!< The intermediate digest state. */
- unsigned char buffer[64]; /*!< The data block being processed. */
-} mbedtls_sha1_context;
-
-typedef struct {
- uint32_t total[2]; /*!< The number of Bytes processed. */
- uint32_t state[8]; /*!< The intermediate digest state. */
- unsigned char buffer[64]; /*!< The data block being processed. */
- int is224; /*!< Determines which function to use:
- 0: Use SHA-256, or 1: Use SHA-224. */
-} mbedtls_sha256_context;
-
-typedef struct {
- uint64_t total[2]; /*!< The number of Bytes processed. */
- uint64_t state[8]; /*!< The intermediate digest state. */
- unsigned char buffer[128]; /*!< The data block being processed. */
- int is384; /*!< Determines which function to use:
- 0: Use SHA-512, or 1: Use SHA-384. */
-} mbedtls_sha512_context;
-
-/**
- * \brief Supported {cipher type, cipher mode} pairs.
- *
- * \warning RC4 and DES are considered weak ciphers and their use
- * constitutes a security risk. Arm recommends considering stronger
- * ciphers instead.
- */
-typedef enum {
- MBEDTLS_CIPHER_NONE = 0, /**< Placeholder to mark the end of cipher-pair lists. */
- MBEDTLS_CIPHER_NULL, /**< The identity stream cipher. */
- MBEDTLS_CIPHER_AES_128_ECB, /**< AES cipher with 128-bit ECB mode. */
- MBEDTLS_CIPHER_AES_192_ECB, /**< AES cipher with 192-bit ECB mode. */
- MBEDTLS_CIPHER_AES_256_ECB, /**< AES cipher with 256-bit ECB mode. */
- MBEDTLS_CIPHER_AES_128_CBC, /**< AES cipher with 128-bit CBC mode. */
- MBEDTLS_CIPHER_AES_192_CBC, /**< AES cipher with 192-bit CBC mode. */
- MBEDTLS_CIPHER_AES_256_CBC, /**< AES cipher with 256-bit CBC mode. */
- MBEDTLS_CIPHER_AES_128_CFB128, /**< AES cipher with 128-bit CFB128 mode. */
- MBEDTLS_CIPHER_AES_192_CFB128, /**< AES cipher with 192-bit CFB128 mode. */
- MBEDTLS_CIPHER_AES_256_CFB128, /**< AES cipher with 256-bit CFB128 mode. */
- MBEDTLS_CIPHER_AES_128_CTR, /**< AES cipher with 128-bit CTR mode. */
- MBEDTLS_CIPHER_AES_192_CTR, /**< AES cipher with 192-bit CTR mode. */
- MBEDTLS_CIPHER_AES_256_CTR, /**< AES cipher with 256-bit CTR mode. */
- MBEDTLS_CIPHER_AES_128_GCM, /**< AES cipher with 128-bit GCM mode. */
- MBEDTLS_CIPHER_AES_192_GCM, /**< AES cipher with 192-bit GCM mode. */
- MBEDTLS_CIPHER_AES_256_GCM, /**< AES cipher with 256-bit GCM mode. */
- MBEDTLS_CIPHER_CAMELLIA_128_ECB, /**< Camellia cipher with 128-bit ECB mode. */
- MBEDTLS_CIPHER_CAMELLIA_192_ECB, /**< Camellia cipher with 192-bit ECB mode. */
- MBEDTLS_CIPHER_CAMELLIA_256_ECB, /**< Camellia cipher with 256-bit ECB mode. */
- MBEDTLS_CIPHER_CAMELLIA_128_CBC, /**< Camellia cipher with 128-bit CBC mode. */
- MBEDTLS_CIPHER_CAMELLIA_192_CBC, /**< Camellia cipher with 192-bit CBC mode. */
- MBEDTLS_CIPHER_CAMELLIA_256_CBC, /**< Camellia cipher with 256-bit CBC mode. */
- MBEDTLS_CIPHER_CAMELLIA_128_CFB128, /**< Camellia cipher with 128-bit CFB128 mode. */
- MBEDTLS_CIPHER_CAMELLIA_192_CFB128, /**< Camellia cipher with 192-bit CFB128 mode. */
- MBEDTLS_CIPHER_CAMELLIA_256_CFB128, /**< Camellia cipher with 256-bit CFB128 mode. */
- MBEDTLS_CIPHER_CAMELLIA_128_CTR, /**< Camellia cipher with 128-bit CTR mode. */
- MBEDTLS_CIPHER_CAMELLIA_192_CTR, /**< Camellia cipher with 192-bit CTR mode. */
- MBEDTLS_CIPHER_CAMELLIA_256_CTR, /**< Camellia cipher with 256-bit CTR mode. */
- MBEDTLS_CIPHER_CAMELLIA_128_GCM, /**< Camellia cipher with 128-bit GCM mode. */
- MBEDTLS_CIPHER_CAMELLIA_192_GCM, /**< Camellia cipher with 192-bit GCM mode. */
- MBEDTLS_CIPHER_CAMELLIA_256_GCM, /**< Camellia cipher with 256-bit GCM mode. */
- MBEDTLS_CIPHER_DES_ECB, /**< DES cipher with ECB mode. */
- MBEDTLS_CIPHER_DES_CBC, /**< DES cipher with CBC mode. */
- MBEDTLS_CIPHER_DES_EDE_ECB, /**< DES cipher with EDE ECB mode. */
- MBEDTLS_CIPHER_DES_EDE_CBC, /**< DES cipher with EDE CBC mode. */
- MBEDTLS_CIPHER_DES_EDE3_ECB, /**< DES cipher with EDE3 ECB mode. */
- MBEDTLS_CIPHER_DES_EDE3_CBC, /**< DES cipher with EDE3 CBC mode. */
- MBEDTLS_CIPHER_BLOWFISH_ECB, /**< Blowfish cipher with ECB mode. */
- MBEDTLS_CIPHER_BLOWFISH_CBC, /**< Blowfish cipher with CBC mode. */
- MBEDTLS_CIPHER_BLOWFISH_CFB64, /**< Blowfish cipher with CFB64 mode. */
- MBEDTLS_CIPHER_BLOWFISH_CTR, /**< Blowfish cipher with CTR mode. */
- MBEDTLS_CIPHER_ARC4_128, /**< RC4 cipher with 128-bit mode. */
- MBEDTLS_CIPHER_AES_128_CCM, /**< AES cipher with 128-bit CCM mode. */
- MBEDTLS_CIPHER_AES_192_CCM, /**< AES cipher with 192-bit CCM mode. */
- MBEDTLS_CIPHER_AES_256_CCM, /**< AES cipher with 256-bit CCM mode. */
- MBEDTLS_CIPHER_CAMELLIA_128_CCM, /**< Camellia cipher with 128-bit CCM mode. */
- MBEDTLS_CIPHER_CAMELLIA_192_CCM, /**< Camellia cipher with 192-bit CCM mode. */
- MBEDTLS_CIPHER_CAMELLIA_256_CCM, /**< Camellia cipher with 256-bit CCM mode. */
-} mbedtls_cipher_type_t;
-
-/** Supported cipher modes. */
-typedef enum {
- MBEDTLS_MODE_NONE = 0, /**< None. */
- MBEDTLS_MODE_ECB, /**< The ECB cipher mode. */
- MBEDTLS_MODE_CBC, /**< The CBC cipher mode. */
- MBEDTLS_MODE_CFB, /**< The CFB cipher mode. */
- MBEDTLS_MODE_OFB, /**< The OFB cipher mode - unsupported. */
- MBEDTLS_MODE_CTR, /**< The CTR cipher mode. */
- MBEDTLS_MODE_GCM, /**< The GCM cipher mode. */
- MBEDTLS_MODE_STREAM, /**< The stream cipher mode. */
- MBEDTLS_MODE_CCM, /**< The CCM cipher mode. */
-} mbedtls_cipher_mode_t;
-
-struct psa_hash_operation_s {
- psa_algorithm_t alg;
- union
- {
- unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
- mbedtls_md2_context md2;
- mbedtls_md4_context md4;
- mbedtls_md5_context md5;
- mbedtls_ripemd160_context ripemd160;
- mbedtls_sha1_context sha1;
- mbedtls_sha256_context sha256;
- mbedtls_sha512_context sha512;
- } ctx;
-};
-
-typedef struct {
- /** Full cipher identifier. For example,
- * MBEDTLS_CIPHER_AES_256_CBC.
- */
- mbedtls_cipher_type_t type;
-
- /** The cipher mode. For example, MBEDTLS_MODE_CBC. */
- mbedtls_cipher_mode_t mode;
-
- /** The cipher key length, in bits. This is the
- * default length for variable sized ciphers.
- * Includes parity bits for ciphers like DES.
- */
- unsigned int key_bitlen;
-
- /** Name of the cipher. */
- const char *name;
-
- /** IV or nonce size, in Bytes.
- * For ciphers that accept variable IV sizes,
- * this is the recommended size.
- */
- unsigned int iv_size;
-
- /** Bitflag comprised of MBEDTLS_CIPHER_VARIABLE_IV_LEN and
- * MBEDTLS_CIPHER_VARIABLE_KEY_LEN indicating whether the
- * cipher supports variable IV or variable key sizes, respectively.
- */
- int flags;
-
- /** The block size, in Bytes. */
- unsigned int block_size;
-
- /** Struct for base cipher information and functions. */
- const mbedtls_cipher_base_t *base;
-
-} mbedtls_cipher_info_t;
-
-/** Type of operation. */
-typedef enum {
- MBEDTLS_OPERATION_NONE = -1,
- MBEDTLS_DECRYPT = 0,
- MBEDTLS_ENCRYPT,
-} mbedtls_operation_t;
-
-/** Maximum length of any IV, in Bytes. */
-#define MBEDTLS_MAX_IV_LENGTH 16
-/** Maximum block size of any cipher, in Bytes. */
-#define MBEDTLS_MAX_BLOCK_LENGTH 16
-
-#if defined(MBEDTLS_SHA512_C)
-#define PSA_HASH_MAX_SIZE 64
-#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128
-#else
-#define PSA_HASH_MAX_SIZE 32
-#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 64
-#endif
-
-/**
- * Generic cipher context.
- */
-typedef struct {
- /** Information about the associated cipher. */
- const mbedtls_cipher_info_t *cipher_info;
-
- /** Key length to use. */
- int key_bitlen;
-
- /** Operation that the key of the context has been
- * initialized for.
- */
- mbedtls_operation_t operation;
-
-#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
- /** Padding functions to use, if relevant for
- * the specific cipher mode.
- */
- void (*add_padding)(unsigned char *output, size_t olen, size_t data_len);
- int (*get_padding)(unsigned char *input, size_t ilen, size_t *data_len);
-#endif
-
- /** Buffer for input that has not been processed yet. */
- unsigned char unprocessed_data[MBEDTLS_MAX_BLOCK_LENGTH];
-
- /** Number of Bytes that have not been processed yet. */
- size_t unprocessed_len;
-
- /** Current IV or NONCE_COUNTER for CTR-mode. */
- unsigned char iv[MBEDTLS_MAX_IV_LENGTH];
-
- /** IV size in Bytes, for ciphers with variable-length IVs. */
- size_t iv_size;
-
- /** The cipher-specific context. */
- void *cipher_ctx;
-
-#if defined(MBEDTLS_CMAC_C)
- /** CMAC-specific context. */
- mbedtls_cmac_context_t *cmac_ctx;
-#endif
-} mbedtls_cipher_context_t;
-
-typedef struct {
- /** The hash context. */
- struct psa_hash_operation_s hash_ctx;
- /** The HMAC part of the context. */
- uint8_t opad[PSA_HMAC_MAX_HASH_BLOCK_SIZE];
-} psa_hmac_internal_data;
-
-struct psa_mac_operation_s {
- psa_algorithm_t alg;
- unsigned int key_set : 1;
- unsigned int iv_required : 1;
- unsigned int iv_set : 1;
- unsigned int has_input : 1;
- unsigned int is_sign : 1;
- uint8_t mac_size;
- union {
- unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
-#if defined(MBEDTLS_MD_C)
- psa_hmac_internal_data hmac;
-#endif
-#if defined(MBEDTLS_CMAC_C)
- mbedtls_cipher_context_t cmac;
-#endif
- } ctx;
-};
-
-typedef struct {
- uint8_t *info;
- size_t info_length;
- psa_hmac_internal_data hmac;
- uint8_t prk[PSA_HASH_MAX_SIZE];
- uint8_t output_block[PSA_HASH_MAX_SIZE];
-#if PSA_HASH_MAX_SIZE > 0xff
-#error "PSA_HASH_MAX_SIZE does not fit in uint8_t"
-#endif
- uint8_t offset_in_block;
- uint8_t block_number;
-} psa_hkdf_generator_t;
-
-struct psa_crypto_generator_s {
- psa_algorithm_t alg;
- size_t capacity;
- union {
- struct {
- uint8_t *data;
- size_t size;
- } buffer;
-#if defined(MBEDTLS_MD_C)
- psa_hkdf_generator_t hkdf;
-#endif
- } ctx;
-};
-
-typedef struct psa_hash_operation_s psa_hash_operation_t;
-typedef struct psa_key_policy_s psa_key_policy_t;
-typedef struct psa_mac_operation_s psa_mac_operation_t;
-typedef struct psa_crypto_generator_s psa_crypto_generator_t;
-
-psa_status_t psa_crypto_init(void);
-psa_status_t psa_import_key(psa_key_slot_t key, psa_key_type_t type,
- const uint8_t *data, size_t data_length);
-psa_status_t psa_export_key(psa_key_slot_t key, uint8_t *data,
- size_t data_size, size_t *data_length);
-void psa_key_policy_init(psa_key_policy_t *policy);
-void psa_key_policy_set_usage(psa_key_policy_t *policy, psa_key_usage_t usage,
- psa_algorithm_t alg);
-psa_status_t psa_set_key_policy(psa_key_slot_t key, const psa_key_policy_t *policy);
-psa_status_t psa_destroy_key(psa_key_slot_t key);
-psa_status_t psa_export_public_key(psa_key_slot_t key, uint8_t *data,
- size_t data_size, size_t *data_length);
-psa_status_t psa_generate_key(psa_key_slot_t key, psa_key_type_t type,
- size_t bits, const void *extra, size_t extra_size);
-psa_status_t psa_get_key_information(psa_key_slot_t key, psa_key_type_t *type, size_t *bits);
-psa_status_t psa_get_key_policy(psa_key_slot_t key, psa_key_policy_t *policy);
-psa_key_usage_t psa_key_policy_get_usage(const psa_key_policy_t *policy);
-psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy);
-psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
- psa_key_lifetime_t *lifetime);
-psa_status_t psa_set_key_lifetime(psa_key_slot_t key,
- psa_key_lifetime_t lifetime);
-psa_status_t psa_hash_setup(psa_hash_operation_t *operation,
- psa_algorithm_t alg);
-psa_status_t psa_hash_update(psa_hash_operation_t *operation,
- const uint8_t *input, size_t input_length);
-psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
- const uint8_t *hash, size_t hash_length);
-psa_status_t psa_hash_finish(psa_hash_operation_t *operation,
- uint8_t *hash, size_t hash_size, size_t *hash_length);
-psa_status_t psa_hash_abort(psa_hash_operation_t *operation);
-psa_status_t psa_generate_random(uint8_t *output, size_t output_size);
-psa_status_t psa_generate_key(psa_key_slot_t key, psa_key_type_t type, size_t bits,
- const void *extra, size_t extra_size);
-psa_status_t psa_generator_read(psa_crypto_generator_t *generator, uint8_t *output,
- size_t output_length);
-psa_status_t psa_key_derivation(psa_crypto_generator_t *generator, psa_key_slot_t key,
- psa_algorithm_t alg, const uint8_t *salt, size_t salt_length,
- const uint8_t *label, size_t label_length, size_t capacity);
-psa_status_t psa_get_generator_capacity(const psa_crypto_generator_t *generator,
- size_t *capacity);
-psa_status_t psa_generator_import_key(psa_key_slot_t key, psa_key_type_t type, size_t bits,
- psa_crypto_generator_t *generator);
-psa_status_t psa_generator_abort(psa_crypto_generator_t *generator);
-psa_status_t psa_aead_encrypt(psa_key_slot_t key, psa_algorithm_t alg, const uint8_t *nonce,
- size_t nonce_length, const uint8_t *additional_data,
- size_t additional_data_length, const uint8_t *plaintext,
- size_t plaintext_length, uint8_t *ciphertext, size_t ciphertext_size,
- size_t *ciphertext_length);
-psa_status_t psa_mac_sign_setup(psa_mac_operation_t *operation, psa_key_slot_t key,
- psa_algorithm_t alg);
-void mbedtls_psa_crypto_free(void);
-psa_status_t pal_crypto_function(int type, va_list valist);
-#endif /* _PAL_CRYPTO_H_ */
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_sid.h b/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_sid.h
deleted file mode 100644
index 988b3bb..0000000
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_sid.h
+++ /dev/null
@@ -1,35 +0,0 @@
-/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
- * SPDX-License-Identifier : Apache-2.0
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
-**/
-
-#ifndef _PAL_SID_H_
-#define _PAL_SID_H_
-
-/* SID Constant defined and used by test suite */
-#define CLIENT_TEST_DISPATCHER_SID 0x0000FA01
-#define SERVER_TEST_DISPATCHER_SID 0x0000FB01
-#define SERVER_SECURE_CONNECT_ONLY_SID 0x0000FB02
-#define SERVER_STRICT_MINOR_VERSION_SID 0x0000FB03
-#define SERVER_UNSPECIFED_MINOR_V_SID 0x0000FB04
-#define SERVER_RELAX_MINOR_VERSION_SID 0x0000FB05
-#define SERVER_UNEXTERN_SID 0x0000FB06
-#define SERVER_CONNECTION_DROP_SID 0x0000FB07
-#define DRIVER_UART_SID 0x0000FC01
-#define DRIVER_WATCHDOG_SID 0x0000FC02
-#define DRIVER_NVMEM_SID 0x0000FC03
-#define DRIVER_TARGET_INIT_SID 0x0000FC04
-
-#endif /* _PAL_SID_H_ */
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/Makefile b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/Makefile
similarity index 63%
rename from api-tests/platform/targets/fvp_mps2_cm4_mbedos/Makefile
rename to api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/Makefile
index da2f089..b44d0cf 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/Makefile
+++ b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/Makefile
@@ -1,4 +1,4 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
# * SPDX-License-Identifier : Apache-2.0
# *
# * Licensed under the Apache License, Version 2.0 (the "License");
@@ -16,20 +16,48 @@
include $(SOURCE)/tools/makefiles/toolchain.mk
-# Local PAL Make variable
+# Make variables to select correct instances of PAL files
+
## PSA_IPC_IMPLEMENTED must be true for IPC SUITE
-PSA_IPC_IMPLEMENTED:=1
+PSA_IPC_IMPLEMENTED:=0
## PSA_CRYPTO_IMPLEMENTED must be true for CRYPTO SUITE
PSA_CRYPTO_IMPLEMENTED:=1
-# PAL C source files part of NSPE library
-SRC_C_NSPE= pal_driver_ns_intf.c
+## PSA_PROTECTED_STORAGE_IMPLEMENTED must be true for PROTECTED_STORAGE SUITE
+PSA_PROTECTED_STORAGE_IMPLEMENTED:=1
+
+## PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED must be true for INTERNAL_TRUSTED_STORAGE SUITE
+PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED:=1
+
+## PSA_INITIAL_ATTESTATION_IMPLEMENTED must be true for INITIAL_ATTESTATION SUITE
+PSA_INITIAL_ATTESTATION_IMPLEMENTED:=0
+
+# Make variables holding NSPE/SPE source files
+
+## PAL C source files part of NSPE library
+SRC_C_NSPE=
+
+## PAL ASM source files part of NSPE library
+SRC_ASM_NSPE=
+
+## PAL C source files part of SPE library - driver partition
+SRC_C_DRIVER_SP=
+
+## PAL ASM source files part of SPE library - driver partition
+SRC_ASM_DRIVER_SP=
ifeq (${PSA_IPC_IMPLEMENTED},1)
+# When PSA_IPC_IMPLEMENTED=1, driver functionalities are implemented as RoT-services
+# and secure and non-secure clients will call to these RoT-services to get appropriate driver services.
SRC_C_NSPE += pal_client_api_intf.c
SRC_C_NSPE += pal_driver_ipc_intf.c
+
+# Driver files will be compiled as part of driver partition
+SRC_C_DRIVER_SP += pal_driver_intf.c pal_nvmem.c pal_uart.c pal_wd_cmsdk.c
else
+
+# When PSA_IPC_IMPLEMENTED=0, driver files will be compiled as part of NSPE
SRC_C_NSPE += pal_client_api_empty_intf.c
SRC_C_NSPE += pal_driver_ns_intf.c pal_nvmem.c pal_uart.c pal_wd_cmsdk.c
endif
@@ -40,15 +68,23 @@
SRC_C_NSPE += pal_crypto_empty_intf.c
endif
-# PAL ASM source files part of NSPE library
-SRC_ASM_NSPE=
+ifeq (${PSA_PROTECTED_STORAGE_IMPLEMENTED},1)
+SRC_C_NSPE += pal_protected_storage_intf.c
+else
+SRC_C_NSPE += pal_protected_storage_empty_intf.c
+endif
-# PAL C source files part of SPE library - driver partition
-SRC_C_DRIVER_SP= pal_driver_intf.c pal_nvmem.c pal_uart.c pal_wd_cmsdk.c
+ifeq (${PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED},1)
+SRC_C_NSPE += pal_internal_trusted_storage_intf.c
+else
+SRC_C_NSPE += pal_internal_trusted_storage_empty_intf.c
+endif
-# PAL ASM source files part of SPE library - driver partition
-SRC_ASM_DRIVER_SP=
-
+ifeq (${PSA_INITIAL_ATTESTATION_IMPLEMENTED},1)
+SRC_C_NSPE += pal_attestation_intf.c
+else
+SRC_C_NSPE += pal_attestation_empty_intf.c
+endif
INCLUDE= -I$(SOURCE)/platform/targets/$(TARGET)/nspe \
-I$(SOURCE)/platform/targets/$(TARGET)/spe \
@@ -101,7 +137,7 @@
# Generated %_driver_sp.o(s) are used in spbuild.mk to create final driver_partition.a
$(BUILD)/platform/spe/%_driver_sp.o : %.c
- $(CC) $(INCLUDE) -o $@ -c $<
+ $(CC) $(INCLUDE) -DSPE_BUILD -o $@ -c $<
$(BUILD)/platform/spe/%_driver_sp.o : %.s
$(AS) $(INCLUDE) -o $@ $<
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/manifests/common/driver_partition_psa.json b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/manifests/common/driver_partition_psa.json
similarity index 77%
rename from api-tests/platform/targets/fvp_mps2_cm4_mbedos/manifests/common/driver_partition_psa.json
rename to api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/manifests/common/driver_partition_psa.json
index 12dd18b..5d57571 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/manifests/common/driver_partition_psa.json
+++ b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/manifests/common/driver_partition_psa.json
@@ -1,13 +1,13 @@
{
"psa_framework_version": 1.0,
"name": "DRIVER_PARTITION",
- "type": "APPLICATION-ROT",
+ "type": "PSA-ROT",
"priority": "NORMAL",
"id": "0x00000003",
"description": "Implements device services such print, flash read/write,. etc.",
"entry_point": "driver_main",
"stack_size": "0x400",
- "heap_size": "0x400",
+ "heap_size": "0x100",
"services": [{
"name": "DRIVER_UART_SID",
"sid": "0x0000FC01",
@@ -33,9 +33,9 @@
"minor_policy": "RELAXED"
},
{
- "name": "DRIVER_TARGET_INIT_SID",
+ "name": "TEST_INTR_SID",
"sid": "0x0000FC04",
- "signal": "DRIVER_TARGET_INIT_SIG",
+ "signal": "TEST_INTR_SIG",
"non_secure_clients": true,
"minor_version": 1,
"minor_policy": "RELAXED"
@@ -45,20 +45,32 @@
{
"name": "UART_REGION",
"base": "0x40004000",
- "size": "0xFFF",
+ "size": "0x1000",
"permission": "READ-WRITE"
},
{
"name": "WATCHDOG_REGION",
"base": "0x40008000",
- "size": "0xFFF",
+ "size": "0x1000",
"permission": "READ-WRITE"
},
{
"name": "NVMEM_REGION",
"base": "0x2002F000",
- "size": "0xFFF",
+ "size": "0x400",
"permission": "READ-WRITE"
+ },
+ {
+ "name": "DRIVER_PARTITION_MMIO",
+ "base": "0x200AF040",
+ "size": "0x20",
+ "permission": "READ-WRITE"
+ }
+ ],
+ "irqs": [
+ {
+ "signal": "DRIVER_UART_INTR_SIG",
+ "line_num": 17
}
],
"linker_pattern": {
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/manifests/ipc/client_partition_psa.json b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/manifests/ipc/client_partition_psa.json
similarity index 80%
rename from api-tests/platform/targets/fvp_mps2_cm4_mbedos/manifests/ipc/client_partition_psa.json
rename to api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/manifests/ipc/client_partition_psa.json
index a2a2ce5..081dc95 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/manifests/ipc/client_partition_psa.json
+++ b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/manifests/ipc/client_partition_psa.json
@@ -7,7 +7,7 @@
"description": "Client partition executing client test func from SPE",
"entry_point": "client_main",
"stack_size": "0x400",
- "heap_size": "0x400",
+ "heap_size": "0x100",
"services": [{
"name": "CLIENT_TEST_DISPATCHER_SID",
"sid": "0x0000FA01",
@@ -20,6 +20,7 @@
"dependencies": [
"DRIVER_UART_SID",
"DRIVER_NVMEM_SID",
+ "TEST_INTR_SID",
"SERVER_TEST_DISPATCHER_SID",
"SERVER_UNSPECIFED_MINOR_V_SID",
"SERVER_STRICT_MINOR_VERSION_SID",
@@ -27,6 +28,14 @@
"SERVER_SECURE_CONNECT_ONLY_SID",
"SERVER_CONNECTION_DROP_SID"
],
+ "mmio_regions" : [
+ {
+ "name": "CLIENT_PARTITION_MMIO",
+ "base": "0x200AF000",
+ "size": "0x20",
+ "permission": "READ-WRITE"
+ }
+ ],
"linker_pattern": {
"object_list": [
"client_partition.a"
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/manifests/ipc/server_partition_psa.json b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/manifests/ipc/server_partition_psa.json
similarity index 98%
rename from api-tests/platform/targets/fvp_mps2_cm4_mbedos/manifests/ipc/server_partition_psa.json
rename to api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/manifests/ipc/server_partition_psa.json
index 167faa0..3541387 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/manifests/ipc/server_partition_psa.json
+++ b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/manifests/ipc/server_partition_psa.json
@@ -7,7 +7,7 @@
"description": "Server partition executing server test func",
"entry_point": "server_main",
"stack_size": "0x400",
- "heap_size": "0x400",
+ "heap_size": "0x100",
"services": [{
"name": "SERVER_TEST_DISPATCHER_SID",
"sid": "0x0000FB01",
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_attestation_empty_intf.c
similarity index 74%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
copy to api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_attestation_empty_intf.c
index 14649e9..faf3f49 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_attestation_empty_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,17 +15,16 @@
* limitations under the License.
**/
-
+#include <stdarg.h>
#include "pal_common.h"
-#include "pal_crypto_intf.h"
/**
- @brief - This API will call the requested crypto function
+ @brief - This API will call the requested attestation function
@param - type : function code
valist : variable argument list
@return - error status
**/
-psa_status_t pal_crypto_function(int type, va_list valist)
+int32_t pal_attestation_function(int type, va_list valist)
{
- return PAL_STATUS_UNSUPPORTED_FUNC;
+ return PAL_STATUS_ERROR;
}
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_attestation_intf.c b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_attestation_intf.c
new file mode 100644
index 0000000..618ea07
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_attestation_intf.c
@@ -0,0 +1,43 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_attestation_intf.h"
+
+/**
+ @brief - This API will call the requested attestation function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+int32_t pal_attestation_function(int type, va_list valist)
+{
+ uint8_t *challenge, *token;
+ size_t challenge_size, *token_size;
+
+ switch (type)
+ {
+ case PAL_INITIAL_ATTEST_GET_TOKEN:
+ challenge = va_arg(valist, uint8_t*);
+ challenge_size = va_arg(valist, size_t);
+ token = va_arg(valist, uint8_t*);
+ token_size = va_arg(valist, size_t*);
+ return psa_initial_attest_get_token(challenge, challenge_size, token, token_size);
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+}
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_attestation_intf.h
similarity index 62%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
copy to api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_attestation_intf.h
index 14649e9..eebb514 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_attestation_intf.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,17 +15,14 @@
* limitations under the License.
**/
+#ifndef _PAL_INITIAL_ATTESTATION_H_
+#define _PAL_INITIAL_ATTESTATION_H_
#include "pal_common.h"
-#include "pal_crypto_intf.h"
-/**
- @brief - This API will call the requested crypto function
- @param - type : function code
- valist : variable argument list
- @return - error status
-**/
-psa_status_t pal_crypto_function(int type, va_list valist)
-{
- return PAL_STATUS_UNSUPPORTED_FUNC;
-}
+enum attestation_function_code {
+ PAL_INITIAL_ATTEST_GET_TOKEN = 0x1,
+};
+
+int32_t pal_attestation_function(int type, va_list valist);
+#endif /* _PAL_INITIAL_ATTESTATION_H_ */
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_client_api_empty_intf.c b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_client_api_empty_intf.c
similarity index 96%
rename from api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_client_api_empty_intf.c
rename to api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_client_api_empty_intf.c
index 8e2aa22..578b4ce 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_client_api_empty_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_client_api_empty_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -17,7 +17,6 @@
#include "pal_common.h"
#include "pal_client_api_intf.h"
-#include "pal_sid.h"
/**
* @brief - Retrieve the version of the PSA Framework API that is implemented.
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_client_api_intf.c b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_client_api_intf.c
similarity index 97%
rename from api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_client_api_intf.c
rename to api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_client_api_intf.c
index 21350ea..20ddd11 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_client_api_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_client_api_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -17,7 +17,6 @@
#include "pal_common.h"
#include "pal_client_api_intf.h"
-#include "pal_sid.h"
/**
* @brief - Retrieve the version of the PSA Framework API that is implemented.
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_client_api_intf.h b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_client_api_intf.h
new file mode 100644
index 0000000..3f5741e
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_client_api_intf.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_CLIENT_API_H_
+#define _PAL_CLIENT_API_H_
+
+#include "pal_common.h"
+
+uint32_t pal_ipc_framework_version(void);
+uint32_t pal_ipc_version(uint32_t sid);
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version);
+psa_status_t pal_ipc_call(psa_handle_t handle,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len);
+void pal_ipc_close(psa_handle_t handle);
+#endif /* _PAL_CLIENT_API_H_ */
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_common.h b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_common.h
similarity index 64%
rename from api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_common.h
rename to api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_common.h
index 79dc7a3..d5acb2e 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_common.h
+++ b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_common.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -21,6 +21,12 @@
#include <string.h>
#include <stdint.h>
#include <stdlib.h>
+#include <limits.h>
+#include <stdarg.h>
+
+#ifndef TARGET_CFG_BUILD
+#include "pal_config.h"
+#endif
/* typedef's */
typedef uint8_t bool_t;
@@ -30,11 +36,13 @@
typedef char char8_t;
typedef uint32_t cfg_id_t;
+#define PAL_STATUS_UNSUPPORTED_FUNC 0xFF
+
typedef enum
{
PAL_STATUS_SUCCESS = 0x0,
PAL_STATUS_ERROR = 0x80
-}pal_status_t;
+} pal_status_t;
typedef enum {
NVMEM_READ = 0x1,
@@ -59,13 +67,14 @@
WD_LOW_TIMEOUT = 0x1,
WD_MEDIUM_TIMEOUT = 0x2,
WD_HIGH_TIMEOUT = 0x3,
+ WD_CRYPTO_TIMEOUT = 0x4,
} wd_timeout_type_t;
typedef struct {
wd_fn_type_t wd_fn_type;
- addr_t wd_base_addr;
- uint32_t wd_time_us;
- uint32_t wd_timer_tick_us;
+ addr_t wd_base_addr;
+ uint32_t wd_time_us;
+ uint32_t wd_timer_tick_us;
} wd_param_t;
typedef enum {
@@ -73,4 +82,36 @@
UART_PRINT = 0x2,
} uart_fn_type_t;
+/*
+ * Redefining some of the client.h elements for compilation to go through
+ * when PSA IPC APIs are not implemented.
+ */
+#if (PSA_IPC_IMPLEMENTED == 0)
+
+#ifndef PSA_VERSION_NONE
+#define PSA_VERSION_NONE (0)
+#endif
+
+#ifndef PSA_SUCCESS
+#define PSA_SUCCESS (0)
+typedef int32_t psa_status_t;
+#endif
+typedef int32_t psa_handle_t;
+
+#ifndef PSA_NULL_HANDLE
+#define PSA_NULL_HANDLE ((psa_handle_t)0)
+#endif
+
+typedef struct psa_invec {
+ const void *base;
+ size_t len;
+} psa_invec;
+
+typedef struct psa_outvec {
+ void *base;
+ size_t len;
+} psa_outvec;
+
+#endif /* PSA_IPC_IMPLEMENTED */
+
#endif /* _PAL_COMMON_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_config.h b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_config.h
new file mode 100644
index 0000000..daa0ec5
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_config.h
@@ -0,0 +1,104 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_CONFIG_H_
+#define _PAL_CONFIG_H_
+
+/*
+ * List of macros used by test suite
+ */
+#if !defined(PSA_IPC_IMPLEMENTED)
+#define PSA_IPC_IMPLEMENTED 0
+#endif
+
+#if !defined(PSA_CRYPTO_IMPLEMENTED)
+#define PSA_CRYPTO_IMPLEMENTED 0
+#endif
+
+#if !defined(PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED)
+#define PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED 0
+#endif
+
+#if !defined(PSA_PROTECTED_STORAGE_IMPLEMENTED)
+#define PSA_PROTECTED_STORAGE_IMPLEMENTED 0
+#endif
+
+#if !defined(PSA_INITIAL_ATTESTATION_IMPLEMENTED)
+#define PSA_INITIAL_ATTESTATION_IMPLEMENTED 0
+#endif
+
+#if (PSA_IPC_IMPLEMENTED == 0) && \
+ (PSA_CRYPTO_IMPLEMENTED == 0) && \
+ (PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED == 0) && \
+ (PSA_PROTECTED_STORAGE_IMPLEMENTED == 0) && \
+ (PSA_INITIAL_ATTESTATION_IMPLEMENTED == 0)
+#error "You must define at least one of these macros to run test suite"
+#endif
+
+#if !defined(VERBOSE)
+#define VERBOSE 4 /* Print verbosity = ERROR */
+#endif
+
+#if (!defined(VAL_NSPE_BUILD) && !defined(SPE_BUILD))
+#define VAL_NSPE_BUILD 1
+#endif
+
+#if (!defined(NONSECURE_TEST_BUILD) && !defined(SPE_BUILD))
+#define NONSECURE_TEST_BUILD 1
+#endif
+
+#if !defined(TEST_COMBINE_ARCHIVE)
+//#define TEST_COMBINE_ARCHIVE /* Test dispatcher code selection */
+#endif
+
+/*
+ * Include of PSA defined Header files
+ */
+
+#if PSA_IPC_IMPLEMENTED
+/* psa/client.h: Contains the PSA Client API elements */
+#include "psa/client.h"
+
+/*
+ * psa_manifest/sid.h: Macro definitions derived from manifest files that map from RoT Service
+ * names to Service IDs (SIDs). Partition manifest parse build tool must provide the implementation
+ * of this file.
+*/
+#include "psa_manifest/sid.h"
+#endif
+
+#if PSA_CRYPTO_IMPLEMENTED
+/* psa/crypto.h: Contains the PSA Crypto API elements */
+#include "psa/crypto.h"
+#endif
+
+#if PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED
+/* psa/internal_trusted_storage.h: Contains the PSA ITS API elements */
+#include "psa/internal_trusted_storage.h"
+#endif
+
+#if PSA_PROTECTED_STORAGE_IMPLEMENTED
+/* psa/protected_storage.h: Contains the PSA PS API elements */
+#include "psa/protected_storage.h"
+#endif
+
+#if PSA_INITIAL_ATTESTATION_IMPLEMENTED
+/* psa/initial_attestation.h: Contains the PSA Initial Attestation API elements */
+#include "psa/initial_attestation.h"
+#endif
+
+#endif /* _PAL_CONFIG_H_ */
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_crypto_empty_intf.c
similarity index 81%
rename from api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
rename to api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_crypto_empty_intf.c
index 14649e9..2a28f39 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_crypto_empty_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,9 +15,8 @@
* limitations under the License.
**/
-
+#include <stdarg.h>
#include "pal_common.h"
-#include "pal_crypto_intf.h"
/**
@brief - This API will call the requested crypto function
@@ -25,7 +24,7 @@
valist : variable argument list
@return - error status
**/
-psa_status_t pal_crypto_function(int type, va_list valist)
+int32_t pal_crypto_function(int type, va_list valist)
{
- return PAL_STATUS_UNSUPPORTED_FUNC;
+ return PAL_STATUS_ERROR;
}
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_crypto_intf.c b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_crypto_intf.c
new file mode 100644
index 0000000..a117cec
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_crypto_intf.c
@@ -0,0 +1,337 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_crypto_intf.h"
+
+#define PAL_KEY_SLOT_COUNT 32
+
+/**
+ @brief - This API will call the requested crypto function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+int32_t pal_crypto_function(int type, va_list valist)
+{
+ int i;
+ size_t size, *length, salt_length, label_length, ciphertext_size;
+ uint8_t *buffer, *ciphertext;
+ const uint8_t *salt, *label, *nonce, *additional_data;
+ uint8_t *plaintext;
+ uint32_t status;
+ const void *extra;
+ size_t extra_size, capacity, *gen_cap, nonce_length, additional_data_length;
+ psa_key_handle_t handle, *key_handle;
+ psa_key_type_t key_type, *key_type_out;
+ psa_key_policy_t *policy;
+ psa_key_usage_t usage, *usage_out;
+ psa_key_lifetime_t *lifetime_out;
+ psa_algorithm_t alg, *alg_out;
+ psa_hash_operation_t *hash_operation;
+ psa_mac_operation_t *mac_operation;
+ psa_cipher_operation_t *cipher_operation;
+ psa_crypto_generator_t *generator;
+
+ switch (type)
+ {
+ case PAL_CRYPTO_INIT:
+ return psa_crypto_init();
+ case PAL_CRYPTO_GENERATE_RANDOM:
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, int);
+ return psa_generate_random(buffer, size);
+ case PAL_CRYPTO_IMPORT_KEY:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ key_type = va_arg(valist, psa_key_type_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, int);
+ status = psa_import_key(handle, key_type, buffer, size);
+ return status;
+ case PAL_CRYPTO_EXPORT_KEY:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ buffer = (uint8_t *)(va_arg(valist, uint8_t*));
+ size = va_arg(valist, int);
+ length = (size_t *)va_arg(valist, size_t*);
+ status = psa_export_key(handle, buffer, size, length);
+ return status;
+ case PAL_CRYPTO_EXPORT_PUBLIC_KEY:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ buffer = (uint8_t *)(va_arg(valist, uint8_t*));
+ size = va_arg(valist, int);
+ length = (size_t *)va_arg(valist, size_t*);
+ status = psa_export_public_key(handle, buffer, size, length);
+ return status;
+ case PAL_CRYPTO_KEY_POLICY_INIT:
+ policy = va_arg(valist, psa_key_policy_t*);
+ psa_key_policy_init(policy);
+ return 0;
+ case PAL_CRYPTO_KEY_POLICY_SET_USAGE:
+ policy = va_arg(valist, psa_key_policy_t*);
+ usage = va_arg(valist, psa_key_usage_t);
+ alg = va_arg(valist, psa_algorithm_t);
+ psa_key_policy_set_usage(policy, usage, alg);
+ return 0;
+ case PAL_CRYPTO_SET_KEY_POLICY:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ policy = va_arg(valist, psa_key_policy_t*);
+ return psa_set_key_policy(handle, policy);
+ case PAL_CRYPTO_DESTROY_KEY:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ status = psa_destroy_key(handle);
+ return status;
+ case PAL_CRYPTO_GET_KEY_INFORMATION:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ key_type_out = va_arg(valist, psa_key_type_t*);
+ length = (size_t *)va_arg(valist, size_t*);
+ status = psa_get_key_information(handle, key_type_out, length);
+ return status;
+ case PAL_CRYPTO_GET_KEY_POLICY:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ policy = va_arg(valist, psa_key_policy_t*);
+ return psa_get_key_policy(handle, policy);
+ case PAL_CRYPTO_KEY_POLICY_GET_USAGE:
+ policy = va_arg(valist, psa_key_policy_t*);
+ usage_out = va_arg(valist, psa_key_usage_t*);
+ *usage_out = psa_key_policy_get_usage(policy);
+ return 0;
+ case PAL_CRYPTO_KEY_POLICY_GET_ALGORITHM:
+ policy = va_arg(valist, psa_key_policy_t*);
+ alg_out = va_arg(valist, psa_algorithm_t*);
+ *alg_out = psa_key_policy_get_algorithm(policy);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_LIFETIME:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ lifetime_out = va_arg(valist, psa_key_lifetime_t*);
+ return psa_get_key_lifetime(handle, lifetime_out);
+ case PAL_CRYPTO_HASH_SETUP:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_hash_setup(hash_operation, alg);
+ case PAL_CRYPTO_HASH_UPDATE:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_hash_update(hash_operation, buffer, size);
+ case PAL_CRYPTO_HASH_VERIFY:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_hash_verify(hash_operation, buffer, size);
+ case PAL_CRYPTO_HASH_FINISH:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_hash_finish(hash_operation, buffer, size, length);
+ case PAL_CRYPTO_HASH_ABORT:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ return psa_hash_abort(hash_operation);
+ case PAL_CRYPTO_GENERATE_KEY:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ key_type = va_arg(valist, psa_key_type_t);
+ size = va_arg(valist, size_t);
+ extra = va_arg(valist, const void*);
+ extra_size = va_arg(valist, size_t);
+ return psa_generate_key(handle, key_type, size, extra, extra_size);
+ case PAL_CRYPTO_GENERATOR_READ:
+ generator = va_arg(valist, psa_crypto_generator_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, int);
+ return psa_generator_read(generator, buffer, size);
+ case PAL_CRYPTO_KEY_DERIVATION:
+ generator = va_arg(valist, psa_crypto_generator_t*);
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ salt = va_arg(valist, const uint8_t *);
+ salt_length = va_arg(valist, size_t);
+ label = va_arg(valist, const uint8_t *);
+ label_length = va_arg(valist, size_t);
+ capacity = va_arg(valist, size_t);
+ return psa_key_derivation(generator, handle, alg, salt, salt_length, label,
+ label_length, capacity);
+ case PAL_CRYPTO_GET_GENERATOR_CAPACITY:
+ generator = va_arg(valist, psa_crypto_generator_t*);
+ gen_cap = va_arg(valist, size_t*);
+ return psa_get_generator_capacity(generator, gen_cap);
+ case PAL_CRYPTO_GENERATOR_IMPORT_KEY:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ key_type = va_arg(valist, psa_key_type_t);
+ size = va_arg(valist, size_t);
+ generator = va_arg(valist, psa_crypto_generator_t*);
+ return psa_generator_import_key(handle, key_type, size, generator);
+ case PAL_CRYPTO_GENERATOR_ABORT:
+ generator = va_arg(valist, psa_crypto_generator_t*);
+ return psa_generator_abort(generator);
+ case PAL_CRYPTO_AEAD_ENCRYPT:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ nonce = va_arg(valist, const uint8_t *);
+ nonce_length = va_arg(valist, size_t);
+ additional_data = va_arg(valist, const uint8_t *);
+ additional_data_length = va_arg(valist, size_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_aead_encrypt(handle, alg, nonce, nonce_length, additional_data,
+ additional_data_length, plaintext, size, ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_AEAD_DECRYPT:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ nonce = va_arg(valist, const uint8_t *);
+ nonce_length = va_arg(valist, size_t);
+ additional_data = va_arg(valist, const uint8_t *);
+ additional_data_length = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_aead_decrypt(handle, alg, nonce, nonce_length, additional_data,
+ additional_data_length, ciphertext, ciphertext_size, plaintext, size, length);
+ case PAL_CRYPTO_MAC_SIGN_SETUP:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_mac_sign_setup(mac_operation, handle, alg);
+ case PAL_CRYPTO_MAC_UPDATE:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_mac_update(mac_operation, buffer, size);
+ case PAL_CRYPTO_MAC_SIGN_FINISH:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t*);
+ return psa_mac_sign_finish(mac_operation, buffer, size, length);
+ case PAL_CRYPTO_MAC_VERIFY_SETUP:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_mac_verify_setup(mac_operation, handle, alg);
+ case PAL_CRYPTO_MAC_VERIFY_FINISH:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_mac_verify_finish(mac_operation, buffer, size);
+ case PAL_CRYPTO_MAC_ABORT:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ return psa_mac_abort(mac_operation);
+ case PAL_CRYPTO_ASYMMTERIC_ENCRYPT:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ salt = va_arg(valist, const uint8_t *);
+ salt_length = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_asymmetric_encrypt(handle, alg, plaintext, size, salt, salt_length,
+ ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_ASYMMTERIC_DECRYPT:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ salt = va_arg(valist, const uint8_t *);
+ salt_length = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_asymmetric_decrypt(handle, alg, plaintext, size, salt, salt_length,
+ ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_CIPHER_ENCRYPT_SETUP:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_cipher_encrypt_setup(cipher_operation, handle, alg);
+ case PAL_CRYPTO_CIPHER_DECRYPT_SETUP:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_cipher_decrypt_setup(cipher_operation, handle, alg);
+ case PAL_CRYPTO_CIPHER_GENERATE_IV:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_generate_iv(cipher_operation, buffer, size, length);
+ case PAL_CRYPTO_CIPHER_SET_IV:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_cipher_set_iv(cipher_operation, buffer, size);
+ case PAL_CRYPTO_CIPHER_UPDATE:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_update(cipher_operation, plaintext, size, ciphertext, ciphertext_size,
+ length);
+ case PAL_CRYPTO_CIPHER_FINISH:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_finish(cipher_operation, ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_CIPHER_ABORT:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ return psa_cipher_abort(cipher_operation);
+ case PAL_CRYPTO_ASYMMTERIC_SIGN:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_asymmetric_sign(handle, alg, buffer, size, ciphertext, ciphertext_size,
+ length);
+ case PAL_CRYPTO_ASYMMTERIC_VERIFY:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ return psa_asymmetric_verify(handle, alg, buffer, size, ciphertext, ciphertext_size);
+ case PAL_CRYPTO_KEY_AGREEMENT:
+ generator = va_arg(valist, psa_crypto_generator_t*);
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_key_agreement(generator, handle, buffer, size, alg);
+ case PAL_CRYPTO_ALLOCATE_KEY:
+ key_type = va_arg(valist, psa_key_type_t);
+ size = va_arg(valist, size_t);
+ key_handle = (psa_key_handle_t *)va_arg(valist, int*);
+ return psa_allocate_key(key_type, size, key_handle);
+ case PAL_CRYPTO_FREE:
+ for (i = 0; i < PAL_KEY_SLOT_COUNT; i++)
+ psa_destroy_key(i);
+ return 0;
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+}
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_crypto_intf.h b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_crypto_intf.h
new file mode 100644
index 0000000..dfabee1
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_crypto_intf.h
@@ -0,0 +1,75 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_CRYPTO_H_
+#define _PAL_CRYPTO_H_
+
+#include "pal_common.h"
+
+enum crypto_function_code {
+ PAL_CRYPTO_INIT = 0x1,
+ PAL_CRYPTO_GENERATE_RANDOM = 0x2,
+ PAL_CRYPTO_IMPORT_KEY = 0x3,
+ PAL_CRYPTO_EXPORT_KEY = 0x4,
+ PAL_CRYPTO_EXPORT_PUBLIC_KEY = 0x5,
+ PAL_CRYPTO_DESTROY_KEY = 0x6,
+ PAL_CRYPTO_GET_KEY_INFO = 0x7,
+ PAL_CRYPTO_KEY_POLICY_INIT = 0x8,
+ PAL_CRYPTO_KEY_POLICY_SET_USAGE = 0x9,
+ PAL_CRYPTO_KEY_POLICY_GET_USAGE = 0xA,
+ PAL_CRYPTO_KEY_POLICY_GET_ALGORITHM = 0xB,
+ PAL_CRYPTO_SET_KEY_POLICY = 0xC,
+ PAL_CRYPTO_GET_KEY_POLICY = 0xD,
+ PAL_CRYPTO_GET_KEY_INFORMATION = 0xE,
+ PAL_CRYPTO_GET_KEY_LIFETIME = 0xF,
+ PAL_CRYPTO_HASH_SETUP = 0x11,
+ PAL_CRYPTO_HASH_UPDATE = 0x12,
+ PAL_CRYPTO_HASH_VERIFY = 0x13,
+ PAL_CRYPTO_HASH_FINISH = 0x14,
+ PAL_CRYPTO_HASH_ABORT = 0x15,
+ PAL_CRYPTO_GENERATE_KEY = 0x16,
+ PAL_CRYPTO_GENERATOR_READ = 0x17,
+ PAL_CRYPTO_KEY_DERIVATION = 0x18,
+ PAL_CRYPTO_GET_GENERATOR_CAPACITY = 0x19,
+ PAL_CRYPTO_GENERATOR_IMPORT_KEY = 0x1A,
+ PAL_CRYPTO_GENERATOR_ABORT = 0x1B,
+ PAL_CRYPTO_AEAD_ENCRYPT = 0x1C,
+ PAL_CRYPTO_AEAD_DECRYPT = 0x1D,
+ PAL_CRYPTO_MAC_SIGN_SETUP = 0x1E,
+ PAL_CRYPTO_MAC_UPDATE = 0x1F,
+ PAL_CRYPTO_MAC_SIGN_FINISH = 0x20,
+ PAL_CRYPTO_MAC_VERIFY_SETUP = 0x21,
+ PAL_CRYPTO_MAC_VERIFY_FINISH = 0x22,
+ PAL_CRYPTO_MAC_ABORT = 0x23,
+ PAL_CRYPTO_ASYMMTERIC_ENCRYPT = 0x24,
+ PAL_CRYPTO_ASYMMTERIC_DECRYPT = 0x25,
+ PAL_CRYPTO_CIPHER_ENCRYPT_SETUP = 0x26,
+ PAL_CRYPTO_CIPHER_DECRYPT_SETUP = 0x2A,
+ PAL_CRYPTO_CIPHER_GENERATE_IV = 0x2B,
+ PAL_CRYPTO_CIPHER_SET_IV = 0x2C,
+ PAL_CRYPTO_CIPHER_UPDATE = 0x2D,
+ PAL_CRYPTO_CIPHER_FINISH = 0x2E,
+ PAL_CRYPTO_CIPHER_ABORT = 0x2F,
+ PAL_CRYPTO_ASYMMTERIC_SIGN = 0x30,
+ PAL_CRYPTO_ASYMMTERIC_VERIFY = 0x31,
+ PAL_CRYPTO_KEY_AGREEMENT = 0x32,
+ PAL_CRYPTO_ALLOCATE_KEY = 0x33,
+ PAL_CRYPTO_FREE = 0xFE,
+};
+
+int32_t pal_crypto_function(int type, va_list valist);
+#endif /* _PAL_CRYPTO_H_ */
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_driver_ipc_intf.c b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_driver_ipc_intf.c
similarity index 98%
rename from api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_driver_ipc_intf.c
rename to api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_driver_ipc_intf.c
index 59efae1..32aef9c 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_driver_ipc_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_driver_ipc_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_driver_ns_intf.c b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_driver_ns_intf.c
similarity index 98%
rename from api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_driver_ns_intf.c
rename to api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_driver_ns_intf.c
index d6f3123..dd6b14c 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_driver_ns_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_driver_ns_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_internal_trusted_storage_empty_intf.c
similarity index 74%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
copy to api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_internal_trusted_storage_empty_intf.c
index 14649e9..133cfa9 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_internal_trusted_storage_empty_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,17 +15,16 @@
* limitations under the License.
**/
-
+#include <stdarg.h>
#include "pal_common.h"
-#include "pal_crypto_intf.h"
/**
- @brief - This API will call the requested crypto function
+ @brief - This API will call the requested internal trusted storage function
@param - type : function code
valist : variable argument list
@return - error status
**/
-psa_status_t pal_crypto_function(int type, va_list valist)
+uint32_t pal_its_function(int type, va_list valist)
{
- return PAL_STATUS_UNSUPPORTED_FUNC;
+ return PAL_STATUS_ERROR;
}
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_internal_trusted_storage_intf.c b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_internal_trusted_storage_intf.c
new file mode 100644
index 0000000..4f04ab0
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_internal_trusted_storage_intf.c
@@ -0,0 +1,60 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_internal_trusted_storage_intf.h"
+
+/**
+ @brief - This API will call the requested internal trusted storage function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+uint32_t pal_its_function(int type, va_list valist)
+{
+ psa_its_uid_t uid;
+ uint32_t data_length, offset;
+ const void *p_write_data;
+ void *p_read_data;
+ psa_its_create_flags_t its_create_flags;
+ struct psa_its_info_t *its_p_info;
+
+ switch (type)
+ {
+ case PAL_ITS_SET:
+ uid = va_arg(valist, psa_its_uid_t);
+ data_length = va_arg(valist, uint32_t);
+ p_write_data = va_arg(valist, const void*);
+ its_create_flags = va_arg(valist, psa_its_create_flags_t);
+ return psa_its_set(uid, data_length, p_write_data, its_create_flags);
+ case PAL_ITS_GET:
+ uid = va_arg(valist, psa_its_uid_t);
+ offset = va_arg(valist, uint32_t);
+ data_length = va_arg(valist, uint32_t);
+ p_read_data = va_arg(valist, void*);
+ return psa_its_get(uid, offset, data_length, p_read_data);
+ case PAL_ITS_GET_INFO:
+ uid = va_arg(valist, psa_its_uid_t);
+ its_p_info = va_arg(valist, struct psa_its_info_t*);
+ return psa_its_get_info(uid, its_p_info);
+ case PAL_ITS_REMOVE:
+ uid = va_arg(valist, psa_its_uid_t);
+ return psa_its_remove(uid);
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+}
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_internal_trusted_storage_intf.h b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_internal_trusted_storage_intf.h
new file mode 100644
index 0000000..6db6aac
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_internal_trusted_storage_intf.h
@@ -0,0 +1,31 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_INTERNAL_TRUSTED_STORAGE_INTF_H_
+#define _PAL_INTERNAL_TRUSTED_STORAGE_INTF_H_
+
+#include "pal_common.h"
+
+enum its_function_code {
+ PAL_ITS_SET = 0x1,
+ PAL_ITS_GET = 0x2,
+ PAL_ITS_GET_INFO = 0x3,
+ PAL_ITS_REMOVE = 0x4,
+};
+
+uint32_t pal_its_function(int type, va_list valist);
+#endif /* _PAL_INTERNAL_TRUSTED_STORAGE_INTF_H_ */
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_protected_storage_empty_intf.c
similarity index 74%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
copy to api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_protected_storage_empty_intf.c
index 14649e9..ee9b13d 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_protected_storage_empty_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,17 +15,16 @@
* limitations under the License.
**/
-
+#include <stdarg.h>
#include "pal_common.h"
-#include "pal_crypto_intf.h"
/**
- @brief - This API will call the requested crypto function
+ @brief - This API will call the requested protected storage function
@param - type : function code
valist : variable argument list
@return - error status
**/
-psa_status_t pal_crypto_function(int type, va_list valist)
+uint32_t pal_ps_function(int type, va_list valist)
{
- return PAL_STATUS_UNSUPPORTED_FUNC;
+ return PAL_STATUS_ERROR;
}
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_protected_storage_intf.c b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_protected_storage_intf.c
new file mode 100644
index 0000000..4f89efe
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_protected_storage_intf.c
@@ -0,0 +1,73 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_protected_storage_intf.h"
+
+/**
+ @brief - This API will call the requested protected storage function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+uint32_t pal_ps_function(int type, va_list valist)
+{
+ psa_ps_uid_t uid;
+ uint32_t data_length, size, offset;
+ const void *p_write_data;
+ void *p_read_data;
+ psa_ps_create_flags_t ps_create_flags;
+ struct psa_ps_info_t *ps_p_info;
+
+ switch (type)
+ {
+ case PAL_PS_SET:
+ uid = va_arg(valist, psa_ps_uid_t);
+ data_length = va_arg(valist, uint32_t);
+ p_write_data = va_arg(valist, const void*);
+ ps_create_flags = va_arg(valist, psa_ps_create_flags_t);
+ return psa_ps_set(uid, data_length, p_write_data, ps_create_flags);
+ case PAL_PS_GET:
+ uid = va_arg(valist, psa_ps_uid_t);
+ offset = va_arg(valist, uint32_t);
+ data_length = va_arg(valist, uint32_t);
+ p_read_data = va_arg(valist, void*);
+ return psa_ps_get(uid, offset, data_length, p_read_data);
+ case PAL_PS_GET_INFO:
+ uid = va_arg(valist, psa_ps_uid_t);
+ ps_p_info = va_arg(valist, struct psa_ps_info_t*);
+ return psa_ps_get_info(uid, ps_p_info);
+ case PAL_PS_REMOVE:
+ uid = va_arg(valist, psa_ps_uid_t);
+ return psa_ps_remove(uid);
+ case PAL_PS_CREATE:
+ uid = va_arg(valist, psa_ps_uid_t);
+ size = va_arg(valist, uint32_t);
+ ps_create_flags = va_arg(valist, psa_ps_create_flags_t);
+ return psa_ps_create(uid, size, ps_create_flags);
+ case PAL_PS_SET_EXTENDED:
+ uid = va_arg(valist, psa_ps_uid_t);
+ offset = va_arg(valist, uint32_t);
+ data_length = va_arg(valist, uint32_t);
+ p_write_data = va_arg(valist, const void*);
+ return psa_ps_set_extended(uid, offset, data_length, p_write_data);
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+}
diff --git a/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_protected_storage_intf.h b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_protected_storage_intf.h
new file mode 100644
index 0000000..2f7e5fc
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/nspe/pal_protected_storage_intf.h
@@ -0,0 +1,33 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_PROTECTED_STORAGE_INTF_H_
+#define _PAL_PROTECTED_STORAGE_INTF_H_
+
+#include "pal_common.h"
+
+enum ps_function_code {
+ PAL_PS_SET = 0x1,
+ PAL_PS_GET = 0x2,
+ PAL_PS_GET_INFO = 0x3,
+ PAL_PS_REMOVE = 0x4,
+ PAL_PS_CREATE = 0x5,
+ PAL_PS_SET_EXTENDED = 0x6,
+};
+
+uint32_t pal_ps_function(int type, va_list valist);
+#endif /* _PAL_PROTECTED_STORAGE_INTF_H_ */
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/spe/pal_driver_intf.c b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/spe/pal_driver_intf.c
similarity index 97%
rename from api-tests/platform/targets/fvp_mps2_cm4_mbedos/spe/pal_driver_intf.c
rename to api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/spe/pal_driver_intf.c
index f80e82d..cc8b537 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/spe/pal_driver_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/spe/pal_driver_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/spe/pal_driver_intf.h b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/spe/pal_driver_intf.h
similarity index 94%
rename from api-tests/platform/targets/fvp_mps2_cm4_mbedos/spe/pal_driver_intf.h
rename to api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/spe/pal_driver_intf.h
index b6ed2ab..da85a63 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/spe/pal_driver_intf.h
+++ b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/spe/pal_driver_intf.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/target.cfg b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/target.cfg
similarity index 74%
rename from api-tests/platform/targets/fvp_mps2_cm4_mbedos/target.cfg
rename to api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/target.cfg
index 1a13c96..598d347 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/target.cfg
+++ b/api-tests/platform/targets/tgt_dev_apis_mbedos_fvp_mps2_m4/target.cfg
@@ -1,5 +1,5 @@
///** @file
-// * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+// * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
// * SPDX-License-Identifier : Apache-2.0
// *
// * Licensed under the Apache License, Version 2.0 (the "License");
@@ -29,26 +29,29 @@
watchdog.0.intr_id = 0xFF;
watchdog.0.permission = TYPE_READ_WRITE;
watchdog.0.num_of_tick_per_micro_sec = 0x3; //(sys_feq/1000000)
-watchdog.0.timeout_in_micro_sec_low = 0xF4240; //1.0 sec : 1 * 1000 * 1000
-watchdog.0.timeout_in_micro_sec_medium = 0x1E8480; //2.0 sec : 2 * 1000 * 1000
-watchdog.0.timeout_in_micro_sec_high = 0x4C4B40; //5.0 sec : 5 * 1000 * 1000
+watchdog.0.timeout_in_micro_sec_low = 0xF4240; //1.0 sec : 1 * 1000 * 1000
+watchdog.0.timeout_in_micro_sec_medium = 0x1E8480; //2.0 sec : 2 * 1000 * 1000
+watchdog.0.timeout_in_micro_sec_high = 0x4C4B40; //5.0 sec : 5 * 1000 * 1000
+watchdog.0.timeout_in_micro_sec_crypto = 0x1312D00; //18.0 sec : 18 * 1000 * 1000
// Range of 1KB Non-volatile memory to preserve data over reset. Ex, NVRAM and FLASH
nvmem.num =1;
nvmem.0.start = 0x2002F000;
-nvmem.0.end = 0x2002FFFF;
+nvmem.0.end = 0x2002F3FF;
nvmem.0.permission = TYPE_READ_WRITE;
-//Miscellaneous
+// Miscellaneous - Test scatter info
dut.num = 1;
-dut.0.implemented_psa_firmware_isolation_level = LEVEL1;
+
+// Start address of 10KB NS memory for test ELF
+dut.0.ns_test_addr = 0x2007F000;
// Start address of combine_test_binary in memory. Memory can be main memory or secondary memory.
-// Size of combine_test_binary = Summation of size of each test ELF file
+// Size of combine_test_binary = Summation of size of each test ELF file.
dut.0.ns_start_addr_of_combine_test_binary = 0x2003F000;
// Is combine_test_binary available in RAM?
dut.0.combine_test_binary_in_ram = AVAILABLE;
-// Start address of 9KB NS memory for test ELF
-dut.0.ns_test_addr = 0x2007F000;
+// Level of Isolation
+dut.0.implemented_psa_firmware_isolation_level = LEVEL1;
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/Makefile b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/Makefile
similarity index 61%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/Makefile
copy to api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/Makefile
index da2f089..da2f41d 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/Makefile
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/Makefile
@@ -1,4 +1,4 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
# * SPDX-License-Identifier : Apache-2.0
# *
# * Licensed under the Apache License, Version 2.0 (the "License");
@@ -16,20 +16,48 @@
include $(SOURCE)/tools/makefiles/toolchain.mk
-# Local PAL Make variable
+# Make variables to select correct instances of PAL files
+
## PSA_IPC_IMPLEMENTED must be true for IPC SUITE
-PSA_IPC_IMPLEMENTED:=1
+PSA_IPC_IMPLEMENTED:=0
## PSA_CRYPTO_IMPLEMENTED must be true for CRYPTO SUITE
PSA_CRYPTO_IMPLEMENTED:=1
-# PAL C source files part of NSPE library
-SRC_C_NSPE= pal_driver_ns_intf.c
+## PSA_PROTECTED_STORAGE_IMPLEMENTED must be true for PROTECTED_STORAGE SUITE
+PSA_PROTECTED_STORAGE_IMPLEMENTED:=1
+
+## PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED must be true for INTERNAL_TRUSTED_STORAGE SUITE
+PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED:=1
+
+## PSA_INITIAL_ATTESTATION_IMPLEMENTED must be true for INITIAL_ATTESTATION SUITE
+PSA_INITIAL_ATTESTATION_IMPLEMENTED:=0
+
+# Make variables holding NSPE/SPE source files
+
+## PAL C source files part of NSPE library
+SRC_C_NSPE=
+
+## PAL ASM source files part of NSPE library
+SRC_ASM_NSPE=
+
+## PAL C source files part of SPE library - driver partition
+SRC_C_DRIVER_SP=
+
+## PAL ASM source files part of SPE library - driver partition
+SRC_ASM_DRIVER_SP=
ifeq (${PSA_IPC_IMPLEMENTED},1)
+# When PSA_IPC_IMPLEMENTED=1, driver functionalities are implemented as RoT-services
+# and secure and non-secure clients will call to these RoT-services to get appropriate driver services.
SRC_C_NSPE += pal_client_api_intf.c
SRC_C_NSPE += pal_driver_ipc_intf.c
+
+# Driver files will be compiled as part of driver partition
+SRC_C_DRIVER_SP += pal_driver_intf.c pal_nvmem.c pal_uart.c pal_wd_cmsdk.c
else
+
+# When PSA_IPC_IMPLEMENTED=0, driver files will be compiled as part of NSPE
SRC_C_NSPE += pal_client_api_empty_intf.c
SRC_C_NSPE += pal_driver_ns_intf.c pal_nvmem.c pal_uart.c pal_wd_cmsdk.c
endif
@@ -40,27 +68,35 @@
SRC_C_NSPE += pal_crypto_empty_intf.c
endif
-# PAL ASM source files part of NSPE library
-SRC_ASM_NSPE=
+ifeq (${PSA_PROTECTED_STORAGE_IMPLEMENTED},1)
+SRC_C_NSPE += pal_protected_storage_intf.c
+else
+SRC_C_NSPE += pal_protected_storage_empty_intf.c
+endif
-# PAL C source files part of SPE library - driver partition
-SRC_C_DRIVER_SP= pal_driver_intf.c pal_nvmem.c pal_uart.c pal_wd_cmsdk.c
+ifeq (${PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED},1)
+SRC_C_NSPE += pal_internal_trusted_storage_intf.c
+else
+SRC_C_NSPE += pal_internal_trusted_storage_empty_intf.c
+endif
-# PAL ASM source files part of SPE library - driver partition
-SRC_ASM_DRIVER_SP=
-
+ifeq (${PSA_INITIAL_ATTESTATION_IMPLEMENTED},1)
+SRC_C_NSPE += pal_attestation_intf.c
+else
+SRC_C_NSPE += pal_attestation_empty_intf.c
+endif
INCLUDE= -I$(SOURCE)/platform/targets/$(TARGET)/nspe \
-I$(SOURCE)/platform/targets/$(TARGET)/spe \
-I$(BUILD)/platform/$(TARGET)/ \
- -I$(SOURCE)/platform/drivers/uart/cmsdk \
+ -I$(SOURCE)/platform/drivers/uart/musca_a \
-I$(SOURCE)/platform/drivers/nvmem/ \
-I$(SOURCE)/platform/drivers/watchdog/cmsdk
VPATH=$(SOURCE)/platform/targets/$(TARGET)/: \
$(SOURCE)/platform/targets/$(TARGET)/spe: \
$(SOURCE)/platform/targets/$(TARGET)/nspe: \
- $(SOURCE)/platform/drivers/uart/cmsdk: \
+ $(SOURCE)/platform/drivers/uart/musca_a: \
$(SOURCE)/platform/drivers/nvmem: \
$(SOURCE)/platform/drivers/watchdog/cmsdk: \
@@ -101,7 +137,7 @@
# Generated %_driver_sp.o(s) are used in spbuild.mk to create final driver_partition.a
$(BUILD)/platform/spe/%_driver_sp.o : %.c
- $(CC) $(INCLUDE) -o $@ -c $<
+ $(CC) $(INCLUDE) -DSPE_BUILD -o $@ -c $<
$(BUILD)/platform/spe/%_driver_sp.o : %.s
$(AS) $(INCLUDE) -o $@ $<
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/manifests/common/driver_partition_psa.json b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/manifests/common/driver_partition_psa.json
similarity index 77%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/manifests/common/driver_partition_psa.json
copy to api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/manifests/common/driver_partition_psa.json
index 12dd18b..5d57571 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/manifests/common/driver_partition_psa.json
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/manifests/common/driver_partition_psa.json
@@ -1,13 +1,13 @@
{
"psa_framework_version": 1.0,
"name": "DRIVER_PARTITION",
- "type": "APPLICATION-ROT",
+ "type": "PSA-ROT",
"priority": "NORMAL",
"id": "0x00000003",
"description": "Implements device services such print, flash read/write,. etc.",
"entry_point": "driver_main",
"stack_size": "0x400",
- "heap_size": "0x400",
+ "heap_size": "0x100",
"services": [{
"name": "DRIVER_UART_SID",
"sid": "0x0000FC01",
@@ -33,9 +33,9 @@
"minor_policy": "RELAXED"
},
{
- "name": "DRIVER_TARGET_INIT_SID",
+ "name": "TEST_INTR_SID",
"sid": "0x0000FC04",
- "signal": "DRIVER_TARGET_INIT_SIG",
+ "signal": "TEST_INTR_SIG",
"non_secure_clients": true,
"minor_version": 1,
"minor_policy": "RELAXED"
@@ -45,20 +45,32 @@
{
"name": "UART_REGION",
"base": "0x40004000",
- "size": "0xFFF",
+ "size": "0x1000",
"permission": "READ-WRITE"
},
{
"name": "WATCHDOG_REGION",
"base": "0x40008000",
- "size": "0xFFF",
+ "size": "0x1000",
"permission": "READ-WRITE"
},
{
"name": "NVMEM_REGION",
"base": "0x2002F000",
- "size": "0xFFF",
+ "size": "0x400",
"permission": "READ-WRITE"
+ },
+ {
+ "name": "DRIVER_PARTITION_MMIO",
+ "base": "0x200AF040",
+ "size": "0x20",
+ "permission": "READ-WRITE"
+ }
+ ],
+ "irqs": [
+ {
+ "signal": "DRIVER_UART_INTR_SIG",
+ "line_num": 17
}
],
"linker_pattern": {
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/manifests/ipc/client_partition_psa.json b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/manifests/ipc/client_partition_psa.json
similarity index 80%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/manifests/ipc/client_partition_psa.json
copy to api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/manifests/ipc/client_partition_psa.json
index a2a2ce5..081dc95 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/manifests/ipc/client_partition_psa.json
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/manifests/ipc/client_partition_psa.json
@@ -7,7 +7,7 @@
"description": "Client partition executing client test func from SPE",
"entry_point": "client_main",
"stack_size": "0x400",
- "heap_size": "0x400",
+ "heap_size": "0x100",
"services": [{
"name": "CLIENT_TEST_DISPATCHER_SID",
"sid": "0x0000FA01",
@@ -20,6 +20,7 @@
"dependencies": [
"DRIVER_UART_SID",
"DRIVER_NVMEM_SID",
+ "TEST_INTR_SID",
"SERVER_TEST_DISPATCHER_SID",
"SERVER_UNSPECIFED_MINOR_V_SID",
"SERVER_STRICT_MINOR_VERSION_SID",
@@ -27,6 +28,14 @@
"SERVER_SECURE_CONNECT_ONLY_SID",
"SERVER_CONNECTION_DROP_SID"
],
+ "mmio_regions" : [
+ {
+ "name": "CLIENT_PARTITION_MMIO",
+ "base": "0x200AF000",
+ "size": "0x20",
+ "permission": "READ-WRITE"
+ }
+ ],
"linker_pattern": {
"object_list": [
"client_partition.a"
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/manifests/ipc/server_partition_psa.json b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/manifests/ipc/server_partition_psa.json
similarity index 98%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/manifests/ipc/server_partition_psa.json
copy to api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/manifests/ipc/server_partition_psa.json
index 167faa0..3541387 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/manifests/ipc/server_partition_psa.json
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/manifests/ipc/server_partition_psa.json
@@ -7,7 +7,7 @@
"description": "Server partition executing server test func",
"entry_point": "server_main",
"stack_size": "0x400",
- "heap_size": "0x400",
+ "heap_size": "0x100",
"services": [{
"name": "SERVER_TEST_DISPATCHER_SID",
"sid": "0x0000FB01",
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_attestation_empty_intf.c
similarity index 74%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
copy to api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_attestation_empty_intf.c
index 14649e9..faf3f49 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_attestation_empty_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,17 +15,16 @@
* limitations under the License.
**/
-
+#include <stdarg.h>
#include "pal_common.h"
-#include "pal_crypto_intf.h"
/**
- @brief - This API will call the requested crypto function
+ @brief - This API will call the requested attestation function
@param - type : function code
valist : variable argument list
@return - error status
**/
-psa_status_t pal_crypto_function(int type, va_list valist)
+int32_t pal_attestation_function(int type, va_list valist)
{
- return PAL_STATUS_UNSUPPORTED_FUNC;
+ return PAL_STATUS_ERROR;
}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_attestation_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_attestation_intf.c
new file mode 100644
index 0000000..618ea07
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_attestation_intf.c
@@ -0,0 +1,43 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_attestation_intf.h"
+
+/**
+ @brief - This API will call the requested attestation function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+int32_t pal_attestation_function(int type, va_list valist)
+{
+ uint8_t *challenge, *token;
+ size_t challenge_size, *token_size;
+
+ switch (type)
+ {
+ case PAL_INITIAL_ATTEST_GET_TOKEN:
+ challenge = va_arg(valist, uint8_t*);
+ challenge_size = va_arg(valist, size_t);
+ token = va_arg(valist, uint8_t*);
+ token_size = va_arg(valist, size_t*);
+ return psa_initial_attest_get_token(challenge, challenge_size, token, token_size);
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+}
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_attestation_intf.h
similarity index 62%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
copy to api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_attestation_intf.h
index 14649e9..eebb514 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_attestation_intf.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,17 +15,14 @@
* limitations under the License.
**/
+#ifndef _PAL_INITIAL_ATTESTATION_H_
+#define _PAL_INITIAL_ATTESTATION_H_
#include "pal_common.h"
-#include "pal_crypto_intf.h"
-/**
- @brief - This API will call the requested crypto function
- @param - type : function code
- valist : variable argument list
- @return - error status
-**/
-psa_status_t pal_crypto_function(int type, va_list valist)
-{
- return PAL_STATUS_UNSUPPORTED_FUNC;
-}
+enum attestation_function_code {
+ PAL_INITIAL_ATTEST_GET_TOKEN = 0x1,
+};
+
+int32_t pal_attestation_function(int type, va_list valist);
+#endif /* _PAL_INITIAL_ATTESTATION_H_ */
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_client_api_empty_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_client_api_empty_intf.c
similarity index 96%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_client_api_empty_intf.c
copy to api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_client_api_empty_intf.c
index 8e2aa22..578b4ce 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_client_api_empty_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_client_api_empty_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -17,7 +17,6 @@
#include "pal_common.h"
#include "pal_client_api_intf.h"
-#include "pal_sid.h"
/**
* @brief - Retrieve the version of the PSA Framework API that is implemented.
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_client_api_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_client_api_intf.c
similarity index 97%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_client_api_intf.c
copy to api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_client_api_intf.c
index 21350ea..20ddd11 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_client_api_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_client_api_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -17,7 +17,6 @@
#include "pal_common.h"
#include "pal_client_api_intf.h"
-#include "pal_sid.h"
/**
* @brief - Retrieve the version of the PSA Framework API that is implemented.
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_client_api_intf.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_client_api_intf.h
new file mode 100644
index 0000000..3f5741e
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_client_api_intf.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_CLIENT_API_H_
+#define _PAL_CLIENT_API_H_
+
+#include "pal_common.h"
+
+uint32_t pal_ipc_framework_version(void);
+uint32_t pal_ipc_version(uint32_t sid);
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version);
+psa_status_t pal_ipc_call(psa_handle_t handle,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len);
+void pal_ipc_close(psa_handle_t handle);
+#endif /* _PAL_CLIENT_API_H_ */
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_common.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_common.h
similarity index 64%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_common.h
copy to api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_common.h
index 79dc7a3..d5acb2e 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_common.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_common.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -21,6 +21,12 @@
#include <string.h>
#include <stdint.h>
#include <stdlib.h>
+#include <limits.h>
+#include <stdarg.h>
+
+#ifndef TARGET_CFG_BUILD
+#include "pal_config.h"
+#endif
/* typedef's */
typedef uint8_t bool_t;
@@ -30,11 +36,13 @@
typedef char char8_t;
typedef uint32_t cfg_id_t;
+#define PAL_STATUS_UNSUPPORTED_FUNC 0xFF
+
typedef enum
{
PAL_STATUS_SUCCESS = 0x0,
PAL_STATUS_ERROR = 0x80
-}pal_status_t;
+} pal_status_t;
typedef enum {
NVMEM_READ = 0x1,
@@ -59,13 +67,14 @@
WD_LOW_TIMEOUT = 0x1,
WD_MEDIUM_TIMEOUT = 0x2,
WD_HIGH_TIMEOUT = 0x3,
+ WD_CRYPTO_TIMEOUT = 0x4,
} wd_timeout_type_t;
typedef struct {
wd_fn_type_t wd_fn_type;
- addr_t wd_base_addr;
- uint32_t wd_time_us;
- uint32_t wd_timer_tick_us;
+ addr_t wd_base_addr;
+ uint32_t wd_time_us;
+ uint32_t wd_timer_tick_us;
} wd_param_t;
typedef enum {
@@ -73,4 +82,36 @@
UART_PRINT = 0x2,
} uart_fn_type_t;
+/*
+ * Redefining some of the client.h elements for compilation to go through
+ * when PSA IPC APIs are not implemented.
+ */
+#if (PSA_IPC_IMPLEMENTED == 0)
+
+#ifndef PSA_VERSION_NONE
+#define PSA_VERSION_NONE (0)
+#endif
+
+#ifndef PSA_SUCCESS
+#define PSA_SUCCESS (0)
+typedef int32_t psa_status_t;
+#endif
+typedef int32_t psa_handle_t;
+
+#ifndef PSA_NULL_HANDLE
+#define PSA_NULL_HANDLE ((psa_handle_t)0)
+#endif
+
+typedef struct psa_invec {
+ const void *base;
+ size_t len;
+} psa_invec;
+
+typedef struct psa_outvec {
+ void *base;
+ size_t len;
+} psa_outvec;
+
+#endif /* PSA_IPC_IMPLEMENTED */
+
#endif /* _PAL_COMMON_H_ */
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_config.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_config.h
new file mode 100644
index 0000000..daa0ec5
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_config.h
@@ -0,0 +1,104 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_CONFIG_H_
+#define _PAL_CONFIG_H_
+
+/*
+ * List of macros used by test suite
+ */
+#if !defined(PSA_IPC_IMPLEMENTED)
+#define PSA_IPC_IMPLEMENTED 0
+#endif
+
+#if !defined(PSA_CRYPTO_IMPLEMENTED)
+#define PSA_CRYPTO_IMPLEMENTED 0
+#endif
+
+#if !defined(PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED)
+#define PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED 0
+#endif
+
+#if !defined(PSA_PROTECTED_STORAGE_IMPLEMENTED)
+#define PSA_PROTECTED_STORAGE_IMPLEMENTED 0
+#endif
+
+#if !defined(PSA_INITIAL_ATTESTATION_IMPLEMENTED)
+#define PSA_INITIAL_ATTESTATION_IMPLEMENTED 0
+#endif
+
+#if (PSA_IPC_IMPLEMENTED == 0) && \
+ (PSA_CRYPTO_IMPLEMENTED == 0) && \
+ (PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED == 0) && \
+ (PSA_PROTECTED_STORAGE_IMPLEMENTED == 0) && \
+ (PSA_INITIAL_ATTESTATION_IMPLEMENTED == 0)
+#error "You must define at least one of these macros to run test suite"
+#endif
+
+#if !defined(VERBOSE)
+#define VERBOSE 4 /* Print verbosity = ERROR */
+#endif
+
+#if (!defined(VAL_NSPE_BUILD) && !defined(SPE_BUILD))
+#define VAL_NSPE_BUILD 1
+#endif
+
+#if (!defined(NONSECURE_TEST_BUILD) && !defined(SPE_BUILD))
+#define NONSECURE_TEST_BUILD 1
+#endif
+
+#if !defined(TEST_COMBINE_ARCHIVE)
+//#define TEST_COMBINE_ARCHIVE /* Test dispatcher code selection */
+#endif
+
+/*
+ * Include of PSA defined Header files
+ */
+
+#if PSA_IPC_IMPLEMENTED
+/* psa/client.h: Contains the PSA Client API elements */
+#include "psa/client.h"
+
+/*
+ * psa_manifest/sid.h: Macro definitions derived from manifest files that map from RoT Service
+ * names to Service IDs (SIDs). Partition manifest parse build tool must provide the implementation
+ * of this file.
+*/
+#include "psa_manifest/sid.h"
+#endif
+
+#if PSA_CRYPTO_IMPLEMENTED
+/* psa/crypto.h: Contains the PSA Crypto API elements */
+#include "psa/crypto.h"
+#endif
+
+#if PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED
+/* psa/internal_trusted_storage.h: Contains the PSA ITS API elements */
+#include "psa/internal_trusted_storage.h"
+#endif
+
+#if PSA_PROTECTED_STORAGE_IMPLEMENTED
+/* psa/protected_storage.h: Contains the PSA PS API elements */
+#include "psa/protected_storage.h"
+#endif
+
+#if PSA_INITIAL_ATTESTATION_IMPLEMENTED
+/* psa/initial_attestation.h: Contains the PSA Initial Attestation API elements */
+#include "psa/initial_attestation.h"
+#endif
+
+#endif /* _PAL_CONFIG_H_ */
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_crypto_empty_intf.c
similarity index 81%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
copy to api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_crypto_empty_intf.c
index 14649e9..2a28f39 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_crypto_empty_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,9 +15,8 @@
* limitations under the License.
**/
-
+#include <stdarg.h>
#include "pal_common.h"
-#include "pal_crypto_intf.h"
/**
@brief - This API will call the requested crypto function
@@ -25,7 +24,7 @@
valist : variable argument list
@return - error status
**/
-psa_status_t pal_crypto_function(int type, va_list valist)
+int32_t pal_crypto_function(int type, va_list valist)
{
- return PAL_STATUS_UNSUPPORTED_FUNC;
+ return PAL_STATUS_ERROR;
}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_crypto_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_crypto_intf.c
new file mode 100644
index 0000000..a117cec
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_crypto_intf.c
@@ -0,0 +1,337 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_crypto_intf.h"
+
+#define PAL_KEY_SLOT_COUNT 32
+
+/**
+ @brief - This API will call the requested crypto function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+int32_t pal_crypto_function(int type, va_list valist)
+{
+ int i;
+ size_t size, *length, salt_length, label_length, ciphertext_size;
+ uint8_t *buffer, *ciphertext;
+ const uint8_t *salt, *label, *nonce, *additional_data;
+ uint8_t *plaintext;
+ uint32_t status;
+ const void *extra;
+ size_t extra_size, capacity, *gen_cap, nonce_length, additional_data_length;
+ psa_key_handle_t handle, *key_handle;
+ psa_key_type_t key_type, *key_type_out;
+ psa_key_policy_t *policy;
+ psa_key_usage_t usage, *usage_out;
+ psa_key_lifetime_t *lifetime_out;
+ psa_algorithm_t alg, *alg_out;
+ psa_hash_operation_t *hash_operation;
+ psa_mac_operation_t *mac_operation;
+ psa_cipher_operation_t *cipher_operation;
+ psa_crypto_generator_t *generator;
+
+ switch (type)
+ {
+ case PAL_CRYPTO_INIT:
+ return psa_crypto_init();
+ case PAL_CRYPTO_GENERATE_RANDOM:
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, int);
+ return psa_generate_random(buffer, size);
+ case PAL_CRYPTO_IMPORT_KEY:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ key_type = va_arg(valist, psa_key_type_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, int);
+ status = psa_import_key(handle, key_type, buffer, size);
+ return status;
+ case PAL_CRYPTO_EXPORT_KEY:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ buffer = (uint8_t *)(va_arg(valist, uint8_t*));
+ size = va_arg(valist, int);
+ length = (size_t *)va_arg(valist, size_t*);
+ status = psa_export_key(handle, buffer, size, length);
+ return status;
+ case PAL_CRYPTO_EXPORT_PUBLIC_KEY:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ buffer = (uint8_t *)(va_arg(valist, uint8_t*));
+ size = va_arg(valist, int);
+ length = (size_t *)va_arg(valist, size_t*);
+ status = psa_export_public_key(handle, buffer, size, length);
+ return status;
+ case PAL_CRYPTO_KEY_POLICY_INIT:
+ policy = va_arg(valist, psa_key_policy_t*);
+ psa_key_policy_init(policy);
+ return 0;
+ case PAL_CRYPTO_KEY_POLICY_SET_USAGE:
+ policy = va_arg(valist, psa_key_policy_t*);
+ usage = va_arg(valist, psa_key_usage_t);
+ alg = va_arg(valist, psa_algorithm_t);
+ psa_key_policy_set_usage(policy, usage, alg);
+ return 0;
+ case PAL_CRYPTO_SET_KEY_POLICY:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ policy = va_arg(valist, psa_key_policy_t*);
+ return psa_set_key_policy(handle, policy);
+ case PAL_CRYPTO_DESTROY_KEY:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ status = psa_destroy_key(handle);
+ return status;
+ case PAL_CRYPTO_GET_KEY_INFORMATION:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ key_type_out = va_arg(valist, psa_key_type_t*);
+ length = (size_t *)va_arg(valist, size_t*);
+ status = psa_get_key_information(handle, key_type_out, length);
+ return status;
+ case PAL_CRYPTO_GET_KEY_POLICY:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ policy = va_arg(valist, psa_key_policy_t*);
+ return psa_get_key_policy(handle, policy);
+ case PAL_CRYPTO_KEY_POLICY_GET_USAGE:
+ policy = va_arg(valist, psa_key_policy_t*);
+ usage_out = va_arg(valist, psa_key_usage_t*);
+ *usage_out = psa_key_policy_get_usage(policy);
+ return 0;
+ case PAL_CRYPTO_KEY_POLICY_GET_ALGORITHM:
+ policy = va_arg(valist, psa_key_policy_t*);
+ alg_out = va_arg(valist, psa_algorithm_t*);
+ *alg_out = psa_key_policy_get_algorithm(policy);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_LIFETIME:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ lifetime_out = va_arg(valist, psa_key_lifetime_t*);
+ return psa_get_key_lifetime(handle, lifetime_out);
+ case PAL_CRYPTO_HASH_SETUP:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_hash_setup(hash_operation, alg);
+ case PAL_CRYPTO_HASH_UPDATE:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_hash_update(hash_operation, buffer, size);
+ case PAL_CRYPTO_HASH_VERIFY:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_hash_verify(hash_operation, buffer, size);
+ case PAL_CRYPTO_HASH_FINISH:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_hash_finish(hash_operation, buffer, size, length);
+ case PAL_CRYPTO_HASH_ABORT:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ return psa_hash_abort(hash_operation);
+ case PAL_CRYPTO_GENERATE_KEY:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ key_type = va_arg(valist, psa_key_type_t);
+ size = va_arg(valist, size_t);
+ extra = va_arg(valist, const void*);
+ extra_size = va_arg(valist, size_t);
+ return psa_generate_key(handle, key_type, size, extra, extra_size);
+ case PAL_CRYPTO_GENERATOR_READ:
+ generator = va_arg(valist, psa_crypto_generator_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, int);
+ return psa_generator_read(generator, buffer, size);
+ case PAL_CRYPTO_KEY_DERIVATION:
+ generator = va_arg(valist, psa_crypto_generator_t*);
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ salt = va_arg(valist, const uint8_t *);
+ salt_length = va_arg(valist, size_t);
+ label = va_arg(valist, const uint8_t *);
+ label_length = va_arg(valist, size_t);
+ capacity = va_arg(valist, size_t);
+ return psa_key_derivation(generator, handle, alg, salt, salt_length, label,
+ label_length, capacity);
+ case PAL_CRYPTO_GET_GENERATOR_CAPACITY:
+ generator = va_arg(valist, psa_crypto_generator_t*);
+ gen_cap = va_arg(valist, size_t*);
+ return psa_get_generator_capacity(generator, gen_cap);
+ case PAL_CRYPTO_GENERATOR_IMPORT_KEY:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ key_type = va_arg(valist, psa_key_type_t);
+ size = va_arg(valist, size_t);
+ generator = va_arg(valist, psa_crypto_generator_t*);
+ return psa_generator_import_key(handle, key_type, size, generator);
+ case PAL_CRYPTO_GENERATOR_ABORT:
+ generator = va_arg(valist, psa_crypto_generator_t*);
+ return psa_generator_abort(generator);
+ case PAL_CRYPTO_AEAD_ENCRYPT:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ nonce = va_arg(valist, const uint8_t *);
+ nonce_length = va_arg(valist, size_t);
+ additional_data = va_arg(valist, const uint8_t *);
+ additional_data_length = va_arg(valist, size_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_aead_encrypt(handle, alg, nonce, nonce_length, additional_data,
+ additional_data_length, plaintext, size, ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_AEAD_DECRYPT:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ nonce = va_arg(valist, const uint8_t *);
+ nonce_length = va_arg(valist, size_t);
+ additional_data = va_arg(valist, const uint8_t *);
+ additional_data_length = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_aead_decrypt(handle, alg, nonce, nonce_length, additional_data,
+ additional_data_length, ciphertext, ciphertext_size, plaintext, size, length);
+ case PAL_CRYPTO_MAC_SIGN_SETUP:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_mac_sign_setup(mac_operation, handle, alg);
+ case PAL_CRYPTO_MAC_UPDATE:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_mac_update(mac_operation, buffer, size);
+ case PAL_CRYPTO_MAC_SIGN_FINISH:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t*);
+ return psa_mac_sign_finish(mac_operation, buffer, size, length);
+ case PAL_CRYPTO_MAC_VERIFY_SETUP:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_mac_verify_setup(mac_operation, handle, alg);
+ case PAL_CRYPTO_MAC_VERIFY_FINISH:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_mac_verify_finish(mac_operation, buffer, size);
+ case PAL_CRYPTO_MAC_ABORT:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ return psa_mac_abort(mac_operation);
+ case PAL_CRYPTO_ASYMMTERIC_ENCRYPT:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ salt = va_arg(valist, const uint8_t *);
+ salt_length = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_asymmetric_encrypt(handle, alg, plaintext, size, salt, salt_length,
+ ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_ASYMMTERIC_DECRYPT:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ salt = va_arg(valist, const uint8_t *);
+ salt_length = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_asymmetric_decrypt(handle, alg, plaintext, size, salt, salt_length,
+ ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_CIPHER_ENCRYPT_SETUP:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_cipher_encrypt_setup(cipher_operation, handle, alg);
+ case PAL_CRYPTO_CIPHER_DECRYPT_SETUP:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_cipher_decrypt_setup(cipher_operation, handle, alg);
+ case PAL_CRYPTO_CIPHER_GENERATE_IV:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_generate_iv(cipher_operation, buffer, size, length);
+ case PAL_CRYPTO_CIPHER_SET_IV:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_cipher_set_iv(cipher_operation, buffer, size);
+ case PAL_CRYPTO_CIPHER_UPDATE:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_update(cipher_operation, plaintext, size, ciphertext, ciphertext_size,
+ length);
+ case PAL_CRYPTO_CIPHER_FINISH:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_finish(cipher_operation, ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_CIPHER_ABORT:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ return psa_cipher_abort(cipher_operation);
+ case PAL_CRYPTO_ASYMMTERIC_SIGN:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_asymmetric_sign(handle, alg, buffer, size, ciphertext, ciphertext_size,
+ length);
+ case PAL_CRYPTO_ASYMMTERIC_VERIFY:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ return psa_asymmetric_verify(handle, alg, buffer, size, ciphertext, ciphertext_size);
+ case PAL_CRYPTO_KEY_AGREEMENT:
+ generator = va_arg(valist, psa_crypto_generator_t*);
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_key_agreement(generator, handle, buffer, size, alg);
+ case PAL_CRYPTO_ALLOCATE_KEY:
+ key_type = va_arg(valist, psa_key_type_t);
+ size = va_arg(valist, size_t);
+ key_handle = (psa_key_handle_t *)va_arg(valist, int*);
+ return psa_allocate_key(key_type, size, key_handle);
+ case PAL_CRYPTO_FREE:
+ for (i = 0; i < PAL_KEY_SLOT_COUNT; i++)
+ psa_destroy_key(i);
+ return 0;
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_crypto_intf.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_crypto_intf.h
new file mode 100644
index 0000000..dfabee1
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_crypto_intf.h
@@ -0,0 +1,75 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_CRYPTO_H_
+#define _PAL_CRYPTO_H_
+
+#include "pal_common.h"
+
+enum crypto_function_code {
+ PAL_CRYPTO_INIT = 0x1,
+ PAL_CRYPTO_GENERATE_RANDOM = 0x2,
+ PAL_CRYPTO_IMPORT_KEY = 0x3,
+ PAL_CRYPTO_EXPORT_KEY = 0x4,
+ PAL_CRYPTO_EXPORT_PUBLIC_KEY = 0x5,
+ PAL_CRYPTO_DESTROY_KEY = 0x6,
+ PAL_CRYPTO_GET_KEY_INFO = 0x7,
+ PAL_CRYPTO_KEY_POLICY_INIT = 0x8,
+ PAL_CRYPTO_KEY_POLICY_SET_USAGE = 0x9,
+ PAL_CRYPTO_KEY_POLICY_GET_USAGE = 0xA,
+ PAL_CRYPTO_KEY_POLICY_GET_ALGORITHM = 0xB,
+ PAL_CRYPTO_SET_KEY_POLICY = 0xC,
+ PAL_CRYPTO_GET_KEY_POLICY = 0xD,
+ PAL_CRYPTO_GET_KEY_INFORMATION = 0xE,
+ PAL_CRYPTO_GET_KEY_LIFETIME = 0xF,
+ PAL_CRYPTO_HASH_SETUP = 0x11,
+ PAL_CRYPTO_HASH_UPDATE = 0x12,
+ PAL_CRYPTO_HASH_VERIFY = 0x13,
+ PAL_CRYPTO_HASH_FINISH = 0x14,
+ PAL_CRYPTO_HASH_ABORT = 0x15,
+ PAL_CRYPTO_GENERATE_KEY = 0x16,
+ PAL_CRYPTO_GENERATOR_READ = 0x17,
+ PAL_CRYPTO_KEY_DERIVATION = 0x18,
+ PAL_CRYPTO_GET_GENERATOR_CAPACITY = 0x19,
+ PAL_CRYPTO_GENERATOR_IMPORT_KEY = 0x1A,
+ PAL_CRYPTO_GENERATOR_ABORT = 0x1B,
+ PAL_CRYPTO_AEAD_ENCRYPT = 0x1C,
+ PAL_CRYPTO_AEAD_DECRYPT = 0x1D,
+ PAL_CRYPTO_MAC_SIGN_SETUP = 0x1E,
+ PAL_CRYPTO_MAC_UPDATE = 0x1F,
+ PAL_CRYPTO_MAC_SIGN_FINISH = 0x20,
+ PAL_CRYPTO_MAC_VERIFY_SETUP = 0x21,
+ PAL_CRYPTO_MAC_VERIFY_FINISH = 0x22,
+ PAL_CRYPTO_MAC_ABORT = 0x23,
+ PAL_CRYPTO_ASYMMTERIC_ENCRYPT = 0x24,
+ PAL_CRYPTO_ASYMMTERIC_DECRYPT = 0x25,
+ PAL_CRYPTO_CIPHER_ENCRYPT_SETUP = 0x26,
+ PAL_CRYPTO_CIPHER_DECRYPT_SETUP = 0x2A,
+ PAL_CRYPTO_CIPHER_GENERATE_IV = 0x2B,
+ PAL_CRYPTO_CIPHER_SET_IV = 0x2C,
+ PAL_CRYPTO_CIPHER_UPDATE = 0x2D,
+ PAL_CRYPTO_CIPHER_FINISH = 0x2E,
+ PAL_CRYPTO_CIPHER_ABORT = 0x2F,
+ PAL_CRYPTO_ASYMMTERIC_SIGN = 0x30,
+ PAL_CRYPTO_ASYMMTERIC_VERIFY = 0x31,
+ PAL_CRYPTO_KEY_AGREEMENT = 0x32,
+ PAL_CRYPTO_ALLOCATE_KEY = 0x33,
+ PAL_CRYPTO_FREE = 0xFE,
+};
+
+int32_t pal_crypto_function(int type, va_list valist);
+#endif /* _PAL_CRYPTO_H_ */
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_driver_ipc_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_driver_ipc_intf.c
similarity index 98%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_driver_ipc_intf.c
copy to api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_driver_ipc_intf.c
index 59efae1..32aef9c 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_driver_ipc_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_driver_ipc_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_driver_ns_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_driver_ns_intf.c
similarity index 96%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_driver_ns_intf.c
copy to api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_driver_ns_intf.c
index d6f3123..b18ce3f 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_driver_ns_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_driver_ns_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -19,6 +19,7 @@
#include "pal_uart.h"
#include "pal_nvmem.h"
#include "pal_wd_cmsdk.h"
+#include <stdio.h>
/**
@brief - This function initializes the UART
@@ -27,7 +28,7 @@
**/
int pal_uart_init_ns(uint32_t uart_base_addr)
{
- pal_uart_cmsdk_init(uart_base_addr);
+ pal_uart_init(uart_base_addr);
return PAL_STATUS_SUCCESS;
}
@@ -40,7 +41,7 @@
int pal_print_ns(char *str, uint32_t data)
{
- pal_cmsdk_print(str, data);
+ pal_uart_print(str, data);
return PAL_STATUS_SUCCESS;
}
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_internal_trusted_storage_empty_intf.c
similarity index 74%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
copy to api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_internal_trusted_storage_empty_intf.c
index 14649e9..133cfa9 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_internal_trusted_storage_empty_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,17 +15,16 @@
* limitations under the License.
**/
-
+#include <stdarg.h>
#include "pal_common.h"
-#include "pal_crypto_intf.h"
/**
- @brief - This API will call the requested crypto function
+ @brief - This API will call the requested internal trusted storage function
@param - type : function code
valist : variable argument list
@return - error status
**/
-psa_status_t pal_crypto_function(int type, va_list valist)
+uint32_t pal_its_function(int type, va_list valist)
{
- return PAL_STATUS_UNSUPPORTED_FUNC;
+ return PAL_STATUS_ERROR;
}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_internal_trusted_storage_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_internal_trusted_storage_intf.c
new file mode 100644
index 0000000..4f04ab0
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_internal_trusted_storage_intf.c
@@ -0,0 +1,60 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_internal_trusted_storage_intf.h"
+
+/**
+ @brief - This API will call the requested internal trusted storage function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+uint32_t pal_its_function(int type, va_list valist)
+{
+ psa_its_uid_t uid;
+ uint32_t data_length, offset;
+ const void *p_write_data;
+ void *p_read_data;
+ psa_its_create_flags_t its_create_flags;
+ struct psa_its_info_t *its_p_info;
+
+ switch (type)
+ {
+ case PAL_ITS_SET:
+ uid = va_arg(valist, psa_its_uid_t);
+ data_length = va_arg(valist, uint32_t);
+ p_write_data = va_arg(valist, const void*);
+ its_create_flags = va_arg(valist, psa_its_create_flags_t);
+ return psa_its_set(uid, data_length, p_write_data, its_create_flags);
+ case PAL_ITS_GET:
+ uid = va_arg(valist, psa_its_uid_t);
+ offset = va_arg(valist, uint32_t);
+ data_length = va_arg(valist, uint32_t);
+ p_read_data = va_arg(valist, void*);
+ return psa_its_get(uid, offset, data_length, p_read_data);
+ case PAL_ITS_GET_INFO:
+ uid = va_arg(valist, psa_its_uid_t);
+ its_p_info = va_arg(valist, struct psa_its_info_t*);
+ return psa_its_get_info(uid, its_p_info);
+ case PAL_ITS_REMOVE:
+ uid = va_arg(valist, psa_its_uid_t);
+ return psa_its_remove(uid);
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_internal_trusted_storage_intf.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_internal_trusted_storage_intf.h
new file mode 100644
index 0000000..6db6aac
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_internal_trusted_storage_intf.h
@@ -0,0 +1,31 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_INTERNAL_TRUSTED_STORAGE_INTF_H_
+#define _PAL_INTERNAL_TRUSTED_STORAGE_INTF_H_
+
+#include "pal_common.h"
+
+enum its_function_code {
+ PAL_ITS_SET = 0x1,
+ PAL_ITS_GET = 0x2,
+ PAL_ITS_GET_INFO = 0x3,
+ PAL_ITS_REMOVE = 0x4,
+};
+
+uint32_t pal_its_function(int type, va_list valist);
+#endif /* _PAL_INTERNAL_TRUSTED_STORAGE_INTF_H_ */
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_protected_storage_empty_intf.c
similarity index 74%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
copy to api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_protected_storage_empty_intf.c
index 14649e9..ee9b13d 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_protected_storage_empty_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,17 +15,16 @@
* limitations under the License.
**/
-
+#include <stdarg.h>
#include "pal_common.h"
-#include "pal_crypto_intf.h"
/**
- @brief - This API will call the requested crypto function
+ @brief - This API will call the requested protected storage function
@param - type : function code
valist : variable argument list
@return - error status
**/
-psa_status_t pal_crypto_function(int type, va_list valist)
+uint32_t pal_ps_function(int type, va_list valist)
{
- return PAL_STATUS_UNSUPPORTED_FUNC;
+ return PAL_STATUS_ERROR;
}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_protected_storage_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_protected_storage_intf.c
new file mode 100644
index 0000000..4f89efe
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_protected_storage_intf.c
@@ -0,0 +1,73 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_protected_storage_intf.h"
+
+/**
+ @brief - This API will call the requested protected storage function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+uint32_t pal_ps_function(int type, va_list valist)
+{
+ psa_ps_uid_t uid;
+ uint32_t data_length, size, offset;
+ const void *p_write_data;
+ void *p_read_data;
+ psa_ps_create_flags_t ps_create_flags;
+ struct psa_ps_info_t *ps_p_info;
+
+ switch (type)
+ {
+ case PAL_PS_SET:
+ uid = va_arg(valist, psa_ps_uid_t);
+ data_length = va_arg(valist, uint32_t);
+ p_write_data = va_arg(valist, const void*);
+ ps_create_flags = va_arg(valist, psa_ps_create_flags_t);
+ return psa_ps_set(uid, data_length, p_write_data, ps_create_flags);
+ case PAL_PS_GET:
+ uid = va_arg(valist, psa_ps_uid_t);
+ offset = va_arg(valist, uint32_t);
+ data_length = va_arg(valist, uint32_t);
+ p_read_data = va_arg(valist, void*);
+ return psa_ps_get(uid, offset, data_length, p_read_data);
+ case PAL_PS_GET_INFO:
+ uid = va_arg(valist, psa_ps_uid_t);
+ ps_p_info = va_arg(valist, struct psa_ps_info_t*);
+ return psa_ps_get_info(uid, ps_p_info);
+ case PAL_PS_REMOVE:
+ uid = va_arg(valist, psa_ps_uid_t);
+ return psa_ps_remove(uid);
+ case PAL_PS_CREATE:
+ uid = va_arg(valist, psa_ps_uid_t);
+ size = va_arg(valist, uint32_t);
+ ps_create_flags = va_arg(valist, psa_ps_create_flags_t);
+ return psa_ps_create(uid, size, ps_create_flags);
+ case PAL_PS_SET_EXTENDED:
+ uid = va_arg(valist, psa_ps_uid_t);
+ offset = va_arg(valist, uint32_t);
+ data_length = va_arg(valist, uint32_t);
+ p_write_data = va_arg(valist, const void*);
+ return psa_ps_set_extended(uid, offset, data_length, p_write_data);
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+}
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_protected_storage_intf.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_protected_storage_intf.h
new file mode 100644
index 0000000..2f7e5fc
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/nspe/pal_protected_storage_intf.h
@@ -0,0 +1,33 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_PROTECTED_STORAGE_INTF_H_
+#define _PAL_PROTECTED_STORAGE_INTF_H_
+
+#include "pal_common.h"
+
+enum ps_function_code {
+ PAL_PS_SET = 0x1,
+ PAL_PS_GET = 0x2,
+ PAL_PS_GET_INFO = 0x3,
+ PAL_PS_REMOVE = 0x4,
+ PAL_PS_CREATE = 0x5,
+ PAL_PS_SET_EXTENDED = 0x6,
+};
+
+uint32_t pal_ps_function(int type, va_list valist);
+#endif /* _PAL_PROTECTED_STORAGE_INTF_H_ */
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/spe/pal_driver_intf.c b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/spe/pal_driver_intf.c
similarity index 97%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/spe/pal_driver_intf.c
copy to api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/spe/pal_driver_intf.c
index f80e82d..cc8b537 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/spe/pal_driver_intf.c
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/spe/pal_driver_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/spe/pal_driver_intf.h b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/spe/pal_driver_intf.h
similarity index 94%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/spe/pal_driver_intf.h
copy to api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/spe/pal_driver_intf.h
index b6ed2ab..da85a63 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/spe/pal_driver_intf.h
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/spe/pal_driver_intf.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
diff --git a/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/target.cfg b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/target.cfg
new file mode 100644
index 0000000..670f30a
--- /dev/null
+++ b/api-tests/platform/targets/tgt_dev_apis_tfm_musca_a/target.cfg
@@ -0,0 +1,61 @@
+///** @file
+// * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+// * SPDX-License-Identifier : Apache-2.0
+// *
+// * Licensed under the Apache License, Version 2.0 (the "License");
+// * you may not use this file except in compliance with the License.
+// * You may obtain a copy of the License at
+// *
+// * http://www.apache.org/licenses/LICENSE-2.0
+// *
+// * Unless required by applicable law or agreed to in writing, software
+// * distributed under the License is distributed on an "AS IS" BASIS,
+// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// * See the License for the specific language governing permissions and
+// * limitations under the License.
+//**/
+
+// UART device info
+uart.num=1;
+uart.0.base = 0x40102000; // UART1_NS
+uart.0.size = 0xFFF;
+uart.0.intr_id = 0xFF;
+uart.0.permission = TYPE_READ_WRITE;
+
+// Watchdog device info
+watchdog.num = 1;
+watchdog.0.base = 0x40081000;
+watchdog.0.size = 0xFFF;
+watchdog.0.intr_id = 0xFF;
+watchdog.0.permission = TYPE_READ_WRITE;
+watchdog.0.num_of_tick_per_micro_sec = 0x3; //(sys_feq/1000000)
+watchdog.0.timeout_in_micro_sec_low = 0xF4240; //1.0 sec : 1 * 1000 * 1000
+watchdog.0.timeout_in_micro_sec_medium = 0x1E8480; //2.0 sec : 2 * 1000 * 1000
+watchdog.0.timeout_in_micro_sec_high = 0x4C4B40; //5.0 sec : 5 * 1000 * 1000
+watchdog.0.timeout_in_micro_sec_crypto = 0x1312D00; //18.0 sec : 18 * 1000 * 1000
+
+// Range of 1KB Non-volatile memory to preserve data over reset. Ex, NVRAM and FLASH
+nvmem.num =1;
+nvmem.0.start = 0x20011000;
+nvmem.0.end = 0x200113FF;
+nvmem.0.permission = TYPE_READ_WRITE;
+
+//* ################################################################################
+//* # Following Target configuration parameters are required for loading #
+//* # tests serially. Avoid updating them if you are using --archive-tests option. #
+//* ################################################################################
+
+// Miscellaneous - Test scatter info
+dut.num = 1;
+
+// Start address of 10KB NS memory for test ELF
+dut.0.ns_test_addr = 0x28110000;
+
+// Start address of combine_test_binary in memory. Memory can be main memory or secondary memory.
+// Size of combine_test_binary = Summation of size of each test ELF file.
+dut.0.ns_start_addr_of_combine_test_binary = 0x28120000;
+
+// Is combine_test_binary available in RAM?
+dut.0.combine_test_binary_in_ram = AVAILABLE;
+
+dut.0.implemented_psa_firmware_isolation_level = LEVEL1;
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/Makefile b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/Makefile
similarity index 63%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/Makefile
copy to api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/Makefile
index da2f089..27847cc 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/Makefile
+++ b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/Makefile
@@ -1,4 +1,4 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
# * SPDX-License-Identifier : Apache-2.0
# *
# * Licensed under the Apache License, Version 2.0 (the "License");
@@ -16,20 +16,48 @@
include $(SOURCE)/tools/makefiles/toolchain.mk
-# Local PAL Make variable
+# Make variables to select correct instances of PAL files
+
## PSA_IPC_IMPLEMENTED must be true for IPC SUITE
PSA_IPC_IMPLEMENTED:=1
## PSA_CRYPTO_IMPLEMENTED must be true for CRYPTO SUITE
-PSA_CRYPTO_IMPLEMENTED:=1
+PSA_CRYPTO_IMPLEMENTED:=0
-# PAL C source files part of NSPE library
-SRC_C_NSPE= pal_driver_ns_intf.c
+## PSA_PROTECTED_STORAGE_IMPLEMENTED must be true for PROTECTED_STORAGE SUITE
+PSA_PROTECTED_STORAGE_IMPLEMENTED:=0
+
+## PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED must be true for INTERNAL_TRUSTED_STORAGE SUITE
+PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED:=0
+
+## PSA_INITIAL_ATTESTATION_IMPLEMENTED must be true for INITIAL_ATTESTATION SUITE
+PSA_INITIAL_ATTESTATION_IMPLEMENTED:=0
+
+# Make variables holding NSPE/SPE source files
+
+## PAL C source files part of NSPE library
+SRC_C_NSPE=
+
+## PAL ASM source files part of NSPE library
+SRC_ASM_NSPE=
+
+## PAL C source files part of SPE library - driver partition
+SRC_C_DRIVER_SP=
+
+## PAL ASM source files part of SPE library - driver partition
+SRC_ASM_DRIVER_SP=
ifeq (${PSA_IPC_IMPLEMENTED},1)
+# When PSA_IPC_IMPLEMENTED=1, driver functionalities are implemented as RoT-services
+# and secure and non-secure clients will call to these RoT-services to get appropriate driver services.
SRC_C_NSPE += pal_client_api_intf.c
SRC_C_NSPE += pal_driver_ipc_intf.c
+
+# Driver files will be compiled as part of driver partition
+SRC_C_DRIVER_SP += pal_driver_intf.c pal_nvmem.c pal_uart.c pal_wd_cmsdk.c
else
+
+# When PSA_IPC_IMPLEMENTED=0, driver files will be compiled as part of NSPE
SRC_C_NSPE += pal_client_api_empty_intf.c
SRC_C_NSPE += pal_driver_ns_intf.c pal_nvmem.c pal_uart.c pal_wd_cmsdk.c
endif
@@ -40,15 +68,23 @@
SRC_C_NSPE += pal_crypto_empty_intf.c
endif
-# PAL ASM source files part of NSPE library
-SRC_ASM_NSPE=
+ifeq (${PSA_PROTECTED_STORAGE_IMPLEMENTED},1)
+SRC_C_NSPE += pal_protected_storage_intf.c
+else
+SRC_C_NSPE += pal_protected_storage_empty_intf.c
+endif
-# PAL C source files part of SPE library - driver partition
-SRC_C_DRIVER_SP= pal_driver_intf.c pal_nvmem.c pal_uart.c pal_wd_cmsdk.c
+ifeq (${PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED},1)
+SRC_C_NSPE += pal_internal_trusted_storage_intf.c
+else
+SRC_C_NSPE += pal_internal_trusted_storage_empty_intf.c
+endif
-# PAL ASM source files part of SPE library - driver partition
-SRC_ASM_DRIVER_SP=
-
+ifeq (${PSA_INITIAL_ATTESTATION_IMPLEMENTED},1)
+SRC_C_NSPE += pal_attestation_intf.c
+else
+SRC_C_NSPE += pal_attestation_empty_intf.c
+endif
INCLUDE= -I$(SOURCE)/platform/targets/$(TARGET)/nspe \
-I$(SOURCE)/platform/targets/$(TARGET)/spe \
@@ -101,7 +137,7 @@
# Generated %_driver_sp.o(s) are used in spbuild.mk to create final driver_partition.a
$(BUILD)/platform/spe/%_driver_sp.o : %.c
- $(CC) $(INCLUDE) -o $@ -c $<
+ $(CC) $(INCLUDE) -DSPE_BUILD -o $@ -c $<
$(BUILD)/platform/spe/%_driver_sp.o : %.s
$(AS) $(INCLUDE) -o $@ $<
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/manifests/common/driver_partition_psa.json b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/manifests/common/driver_partition_psa.json
similarity index 77%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/manifests/common/driver_partition_psa.json
copy to api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/manifests/common/driver_partition_psa.json
index 12dd18b..5d57571 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/manifests/common/driver_partition_psa.json
+++ b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/manifests/common/driver_partition_psa.json
@@ -1,13 +1,13 @@
{
"psa_framework_version": 1.0,
"name": "DRIVER_PARTITION",
- "type": "APPLICATION-ROT",
+ "type": "PSA-ROT",
"priority": "NORMAL",
"id": "0x00000003",
"description": "Implements device services such print, flash read/write,. etc.",
"entry_point": "driver_main",
"stack_size": "0x400",
- "heap_size": "0x400",
+ "heap_size": "0x100",
"services": [{
"name": "DRIVER_UART_SID",
"sid": "0x0000FC01",
@@ -33,9 +33,9 @@
"minor_policy": "RELAXED"
},
{
- "name": "DRIVER_TARGET_INIT_SID",
+ "name": "TEST_INTR_SID",
"sid": "0x0000FC04",
- "signal": "DRIVER_TARGET_INIT_SIG",
+ "signal": "TEST_INTR_SIG",
"non_secure_clients": true,
"minor_version": 1,
"minor_policy": "RELAXED"
@@ -45,20 +45,32 @@
{
"name": "UART_REGION",
"base": "0x40004000",
- "size": "0xFFF",
+ "size": "0x1000",
"permission": "READ-WRITE"
},
{
"name": "WATCHDOG_REGION",
"base": "0x40008000",
- "size": "0xFFF",
+ "size": "0x1000",
"permission": "READ-WRITE"
},
{
"name": "NVMEM_REGION",
"base": "0x2002F000",
- "size": "0xFFF",
+ "size": "0x400",
"permission": "READ-WRITE"
+ },
+ {
+ "name": "DRIVER_PARTITION_MMIO",
+ "base": "0x200AF040",
+ "size": "0x20",
+ "permission": "READ-WRITE"
+ }
+ ],
+ "irqs": [
+ {
+ "signal": "DRIVER_UART_INTR_SIG",
+ "line_num": 17
}
],
"linker_pattern": {
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/manifests/ipc/client_partition_psa.json b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/manifests/ipc/client_partition_psa.json
similarity index 80%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/manifests/ipc/client_partition_psa.json
copy to api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/manifests/ipc/client_partition_psa.json
index a2a2ce5..081dc95 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/manifests/ipc/client_partition_psa.json
+++ b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/manifests/ipc/client_partition_psa.json
@@ -7,7 +7,7 @@
"description": "Client partition executing client test func from SPE",
"entry_point": "client_main",
"stack_size": "0x400",
- "heap_size": "0x400",
+ "heap_size": "0x100",
"services": [{
"name": "CLIENT_TEST_DISPATCHER_SID",
"sid": "0x0000FA01",
@@ -20,6 +20,7 @@
"dependencies": [
"DRIVER_UART_SID",
"DRIVER_NVMEM_SID",
+ "TEST_INTR_SID",
"SERVER_TEST_DISPATCHER_SID",
"SERVER_UNSPECIFED_MINOR_V_SID",
"SERVER_STRICT_MINOR_VERSION_SID",
@@ -27,6 +28,14 @@
"SERVER_SECURE_CONNECT_ONLY_SID",
"SERVER_CONNECTION_DROP_SID"
],
+ "mmio_regions" : [
+ {
+ "name": "CLIENT_PARTITION_MMIO",
+ "base": "0x200AF000",
+ "size": "0x20",
+ "permission": "READ-WRITE"
+ }
+ ],
"linker_pattern": {
"object_list": [
"client_partition.a"
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/manifests/ipc/server_partition_psa.json b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/manifests/ipc/server_partition_psa.json
similarity index 98%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/manifests/ipc/server_partition_psa.json
copy to api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/manifests/ipc/server_partition_psa.json
index 167faa0..3541387 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/manifests/ipc/server_partition_psa.json
+++ b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/manifests/ipc/server_partition_psa.json
@@ -7,7 +7,7 @@
"description": "Server partition executing server test func",
"entry_point": "server_main",
"stack_size": "0x400",
- "heap_size": "0x400",
+ "heap_size": "0x100",
"services": [{
"name": "SERVER_TEST_DISPATCHER_SID",
"sid": "0x0000FB01",
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_attestation_empty_intf.c
similarity index 74%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
copy to api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_attestation_empty_intf.c
index 14649e9..faf3f49 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
+++ b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_attestation_empty_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,17 +15,16 @@
* limitations under the License.
**/
-
+#include <stdarg.h>
#include "pal_common.h"
-#include "pal_crypto_intf.h"
/**
- @brief - This API will call the requested crypto function
+ @brief - This API will call the requested attestation function
@param - type : function code
valist : variable argument list
@return - error status
**/
-psa_status_t pal_crypto_function(int type, va_list valist)
+int32_t pal_attestation_function(int type, va_list valist)
{
- return PAL_STATUS_UNSUPPORTED_FUNC;
+ return PAL_STATUS_ERROR;
}
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_attestation_intf.c b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_attestation_intf.c
new file mode 100644
index 0000000..618ea07
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_attestation_intf.c
@@ -0,0 +1,43 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_attestation_intf.h"
+
+/**
+ @brief - This API will call the requested attestation function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+int32_t pal_attestation_function(int type, va_list valist)
+{
+ uint8_t *challenge, *token;
+ size_t challenge_size, *token_size;
+
+ switch (type)
+ {
+ case PAL_INITIAL_ATTEST_GET_TOKEN:
+ challenge = va_arg(valist, uint8_t*);
+ challenge_size = va_arg(valist, size_t);
+ token = va_arg(valist, uint8_t*);
+ token_size = va_arg(valist, size_t*);
+ return psa_initial_attest_get_token(challenge, challenge_size, token, token_size);
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+}
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_attestation_intf.h
similarity index 62%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
copy to api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_attestation_intf.h
index 14649e9..eebb514 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
+++ b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_attestation_intf.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,17 +15,14 @@
* limitations under the License.
**/
+#ifndef _PAL_INITIAL_ATTESTATION_H_
+#define _PAL_INITIAL_ATTESTATION_H_
#include "pal_common.h"
-#include "pal_crypto_intf.h"
-/**
- @brief - This API will call the requested crypto function
- @param - type : function code
- valist : variable argument list
- @return - error status
-**/
-psa_status_t pal_crypto_function(int type, va_list valist)
-{
- return PAL_STATUS_UNSUPPORTED_FUNC;
-}
+enum attestation_function_code {
+ PAL_INITIAL_ATTEST_GET_TOKEN = 0x1,
+};
+
+int32_t pal_attestation_function(int type, va_list valist);
+#endif /* _PAL_INITIAL_ATTESTATION_H_ */
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_client_api_empty_intf.c b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_client_api_empty_intf.c
similarity index 96%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_client_api_empty_intf.c
copy to api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_client_api_empty_intf.c
index 8e2aa22..578b4ce 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_client_api_empty_intf.c
+++ b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_client_api_empty_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -17,7 +17,6 @@
#include "pal_common.h"
#include "pal_client_api_intf.h"
-#include "pal_sid.h"
/**
* @brief - Retrieve the version of the PSA Framework API that is implemented.
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_client_api_intf.c b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_client_api_intf.c
similarity index 97%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_client_api_intf.c
copy to api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_client_api_intf.c
index 21350ea..20ddd11 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_client_api_intf.c
+++ b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_client_api_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -17,7 +17,6 @@
#include "pal_common.h"
#include "pal_client_api_intf.h"
-#include "pal_sid.h"
/**
* @brief - Retrieve the version of the PSA Framework API that is implemented.
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_client_api_intf.h b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_client_api_intf.h
new file mode 100644
index 0000000..3f5741e
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_client_api_intf.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_CLIENT_API_H_
+#define _PAL_CLIENT_API_H_
+
+#include "pal_common.h"
+
+uint32_t pal_ipc_framework_version(void);
+uint32_t pal_ipc_version(uint32_t sid);
+psa_handle_t pal_ipc_connect(uint32_t sid, uint32_t minor_version);
+psa_status_t pal_ipc_call(psa_handle_t handle,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len);
+void pal_ipc_close(psa_handle_t handle);
+#endif /* _PAL_CLIENT_API_H_ */
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_common.h b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_common.h
similarity index 64%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_common.h
copy to api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_common.h
index 79dc7a3..d5acb2e 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_common.h
+++ b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_common.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -21,6 +21,12 @@
#include <string.h>
#include <stdint.h>
#include <stdlib.h>
+#include <limits.h>
+#include <stdarg.h>
+
+#ifndef TARGET_CFG_BUILD
+#include "pal_config.h"
+#endif
/* typedef's */
typedef uint8_t bool_t;
@@ -30,11 +36,13 @@
typedef char char8_t;
typedef uint32_t cfg_id_t;
+#define PAL_STATUS_UNSUPPORTED_FUNC 0xFF
+
typedef enum
{
PAL_STATUS_SUCCESS = 0x0,
PAL_STATUS_ERROR = 0x80
-}pal_status_t;
+} pal_status_t;
typedef enum {
NVMEM_READ = 0x1,
@@ -59,13 +67,14 @@
WD_LOW_TIMEOUT = 0x1,
WD_MEDIUM_TIMEOUT = 0x2,
WD_HIGH_TIMEOUT = 0x3,
+ WD_CRYPTO_TIMEOUT = 0x4,
} wd_timeout_type_t;
typedef struct {
wd_fn_type_t wd_fn_type;
- addr_t wd_base_addr;
- uint32_t wd_time_us;
- uint32_t wd_timer_tick_us;
+ addr_t wd_base_addr;
+ uint32_t wd_time_us;
+ uint32_t wd_timer_tick_us;
} wd_param_t;
typedef enum {
@@ -73,4 +82,36 @@
UART_PRINT = 0x2,
} uart_fn_type_t;
+/*
+ * Redefining some of the client.h elements for compilation to go through
+ * when PSA IPC APIs are not implemented.
+ */
+#if (PSA_IPC_IMPLEMENTED == 0)
+
+#ifndef PSA_VERSION_NONE
+#define PSA_VERSION_NONE (0)
+#endif
+
+#ifndef PSA_SUCCESS
+#define PSA_SUCCESS (0)
+typedef int32_t psa_status_t;
+#endif
+typedef int32_t psa_handle_t;
+
+#ifndef PSA_NULL_HANDLE
+#define PSA_NULL_HANDLE ((psa_handle_t)0)
+#endif
+
+typedef struct psa_invec {
+ const void *base;
+ size_t len;
+} psa_invec;
+
+typedef struct psa_outvec {
+ void *base;
+ size_t len;
+} psa_outvec;
+
+#endif /* PSA_IPC_IMPLEMENTED */
+
#endif /* _PAL_COMMON_H_ */
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_config.h b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_config.h
new file mode 100644
index 0000000..daa0ec5
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_config.h
@@ -0,0 +1,104 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_CONFIG_H_
+#define _PAL_CONFIG_H_
+
+/*
+ * List of macros used by test suite
+ */
+#if !defined(PSA_IPC_IMPLEMENTED)
+#define PSA_IPC_IMPLEMENTED 0
+#endif
+
+#if !defined(PSA_CRYPTO_IMPLEMENTED)
+#define PSA_CRYPTO_IMPLEMENTED 0
+#endif
+
+#if !defined(PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED)
+#define PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED 0
+#endif
+
+#if !defined(PSA_PROTECTED_STORAGE_IMPLEMENTED)
+#define PSA_PROTECTED_STORAGE_IMPLEMENTED 0
+#endif
+
+#if !defined(PSA_INITIAL_ATTESTATION_IMPLEMENTED)
+#define PSA_INITIAL_ATTESTATION_IMPLEMENTED 0
+#endif
+
+#if (PSA_IPC_IMPLEMENTED == 0) && \
+ (PSA_CRYPTO_IMPLEMENTED == 0) && \
+ (PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED == 0) && \
+ (PSA_PROTECTED_STORAGE_IMPLEMENTED == 0) && \
+ (PSA_INITIAL_ATTESTATION_IMPLEMENTED == 0)
+#error "You must define at least one of these macros to run test suite"
+#endif
+
+#if !defined(VERBOSE)
+#define VERBOSE 4 /* Print verbosity = ERROR */
+#endif
+
+#if (!defined(VAL_NSPE_BUILD) && !defined(SPE_BUILD))
+#define VAL_NSPE_BUILD 1
+#endif
+
+#if (!defined(NONSECURE_TEST_BUILD) && !defined(SPE_BUILD))
+#define NONSECURE_TEST_BUILD 1
+#endif
+
+#if !defined(TEST_COMBINE_ARCHIVE)
+//#define TEST_COMBINE_ARCHIVE /* Test dispatcher code selection */
+#endif
+
+/*
+ * Include of PSA defined Header files
+ */
+
+#if PSA_IPC_IMPLEMENTED
+/* psa/client.h: Contains the PSA Client API elements */
+#include "psa/client.h"
+
+/*
+ * psa_manifest/sid.h: Macro definitions derived from manifest files that map from RoT Service
+ * names to Service IDs (SIDs). Partition manifest parse build tool must provide the implementation
+ * of this file.
+*/
+#include "psa_manifest/sid.h"
+#endif
+
+#if PSA_CRYPTO_IMPLEMENTED
+/* psa/crypto.h: Contains the PSA Crypto API elements */
+#include "psa/crypto.h"
+#endif
+
+#if PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED
+/* psa/internal_trusted_storage.h: Contains the PSA ITS API elements */
+#include "psa/internal_trusted_storage.h"
+#endif
+
+#if PSA_PROTECTED_STORAGE_IMPLEMENTED
+/* psa/protected_storage.h: Contains the PSA PS API elements */
+#include "psa/protected_storage.h"
+#endif
+
+#if PSA_INITIAL_ATTESTATION_IMPLEMENTED
+/* psa/initial_attestation.h: Contains the PSA Initial Attestation API elements */
+#include "psa/initial_attestation.h"
+#endif
+
+#endif /* _PAL_CONFIG_H_ */
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_crypto_empty_intf.c
similarity index 81%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
copy to api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_crypto_empty_intf.c
index 14649e9..2a28f39 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
+++ b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_crypto_empty_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,9 +15,8 @@
* limitations under the License.
**/
-
+#include <stdarg.h>
#include "pal_common.h"
-#include "pal_crypto_intf.h"
/**
@brief - This API will call the requested crypto function
@@ -25,7 +24,7 @@
valist : variable argument list
@return - error status
**/
-psa_status_t pal_crypto_function(int type, va_list valist)
+int32_t pal_crypto_function(int type, va_list valist)
{
- return PAL_STATUS_UNSUPPORTED_FUNC;
+ return PAL_STATUS_ERROR;
}
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_crypto_intf.c b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_crypto_intf.c
new file mode 100644
index 0000000..a117cec
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_crypto_intf.c
@@ -0,0 +1,337 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_crypto_intf.h"
+
+#define PAL_KEY_SLOT_COUNT 32
+
+/**
+ @brief - This API will call the requested crypto function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+int32_t pal_crypto_function(int type, va_list valist)
+{
+ int i;
+ size_t size, *length, salt_length, label_length, ciphertext_size;
+ uint8_t *buffer, *ciphertext;
+ const uint8_t *salt, *label, *nonce, *additional_data;
+ uint8_t *plaintext;
+ uint32_t status;
+ const void *extra;
+ size_t extra_size, capacity, *gen_cap, nonce_length, additional_data_length;
+ psa_key_handle_t handle, *key_handle;
+ psa_key_type_t key_type, *key_type_out;
+ psa_key_policy_t *policy;
+ psa_key_usage_t usage, *usage_out;
+ psa_key_lifetime_t *lifetime_out;
+ psa_algorithm_t alg, *alg_out;
+ psa_hash_operation_t *hash_operation;
+ psa_mac_operation_t *mac_operation;
+ psa_cipher_operation_t *cipher_operation;
+ psa_crypto_generator_t *generator;
+
+ switch (type)
+ {
+ case PAL_CRYPTO_INIT:
+ return psa_crypto_init();
+ case PAL_CRYPTO_GENERATE_RANDOM:
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, int);
+ return psa_generate_random(buffer, size);
+ case PAL_CRYPTO_IMPORT_KEY:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ key_type = va_arg(valist, psa_key_type_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, int);
+ status = psa_import_key(handle, key_type, buffer, size);
+ return status;
+ case PAL_CRYPTO_EXPORT_KEY:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ buffer = (uint8_t *)(va_arg(valist, uint8_t*));
+ size = va_arg(valist, int);
+ length = (size_t *)va_arg(valist, size_t*);
+ status = psa_export_key(handle, buffer, size, length);
+ return status;
+ case PAL_CRYPTO_EXPORT_PUBLIC_KEY:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ buffer = (uint8_t *)(va_arg(valist, uint8_t*));
+ size = va_arg(valist, int);
+ length = (size_t *)va_arg(valist, size_t*);
+ status = psa_export_public_key(handle, buffer, size, length);
+ return status;
+ case PAL_CRYPTO_KEY_POLICY_INIT:
+ policy = va_arg(valist, psa_key_policy_t*);
+ psa_key_policy_init(policy);
+ return 0;
+ case PAL_CRYPTO_KEY_POLICY_SET_USAGE:
+ policy = va_arg(valist, psa_key_policy_t*);
+ usage = va_arg(valist, psa_key_usage_t);
+ alg = va_arg(valist, psa_algorithm_t);
+ psa_key_policy_set_usage(policy, usage, alg);
+ return 0;
+ case PAL_CRYPTO_SET_KEY_POLICY:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ policy = va_arg(valist, psa_key_policy_t*);
+ return psa_set_key_policy(handle, policy);
+ case PAL_CRYPTO_DESTROY_KEY:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ status = psa_destroy_key(handle);
+ return status;
+ case PAL_CRYPTO_GET_KEY_INFORMATION:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ key_type_out = va_arg(valist, psa_key_type_t*);
+ length = (size_t *)va_arg(valist, size_t*);
+ status = psa_get_key_information(handle, key_type_out, length);
+ return status;
+ case PAL_CRYPTO_GET_KEY_POLICY:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ policy = va_arg(valist, psa_key_policy_t*);
+ return psa_get_key_policy(handle, policy);
+ case PAL_CRYPTO_KEY_POLICY_GET_USAGE:
+ policy = va_arg(valist, psa_key_policy_t*);
+ usage_out = va_arg(valist, psa_key_usage_t*);
+ *usage_out = psa_key_policy_get_usage(policy);
+ return 0;
+ case PAL_CRYPTO_KEY_POLICY_GET_ALGORITHM:
+ policy = va_arg(valist, psa_key_policy_t*);
+ alg_out = va_arg(valist, psa_algorithm_t*);
+ *alg_out = psa_key_policy_get_algorithm(policy);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_LIFETIME:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ lifetime_out = va_arg(valist, psa_key_lifetime_t*);
+ return psa_get_key_lifetime(handle, lifetime_out);
+ case PAL_CRYPTO_HASH_SETUP:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_hash_setup(hash_operation, alg);
+ case PAL_CRYPTO_HASH_UPDATE:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_hash_update(hash_operation, buffer, size);
+ case PAL_CRYPTO_HASH_VERIFY:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_hash_verify(hash_operation, buffer, size);
+ case PAL_CRYPTO_HASH_FINISH:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_hash_finish(hash_operation, buffer, size, length);
+ case PAL_CRYPTO_HASH_ABORT:
+ hash_operation = va_arg(valist, psa_hash_operation_t*);
+ return psa_hash_abort(hash_operation);
+ case PAL_CRYPTO_GENERATE_KEY:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ key_type = va_arg(valist, psa_key_type_t);
+ size = va_arg(valist, size_t);
+ extra = va_arg(valist, const void*);
+ extra_size = va_arg(valist, size_t);
+ return psa_generate_key(handle, key_type, size, extra, extra_size);
+ case PAL_CRYPTO_GENERATOR_READ:
+ generator = va_arg(valist, psa_crypto_generator_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, int);
+ return psa_generator_read(generator, buffer, size);
+ case PAL_CRYPTO_KEY_DERIVATION:
+ generator = va_arg(valist, psa_crypto_generator_t*);
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ salt = va_arg(valist, const uint8_t *);
+ salt_length = va_arg(valist, size_t);
+ label = va_arg(valist, const uint8_t *);
+ label_length = va_arg(valist, size_t);
+ capacity = va_arg(valist, size_t);
+ return psa_key_derivation(generator, handle, alg, salt, salt_length, label,
+ label_length, capacity);
+ case PAL_CRYPTO_GET_GENERATOR_CAPACITY:
+ generator = va_arg(valist, psa_crypto_generator_t*);
+ gen_cap = va_arg(valist, size_t*);
+ return psa_get_generator_capacity(generator, gen_cap);
+ case PAL_CRYPTO_GENERATOR_IMPORT_KEY:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ key_type = va_arg(valist, psa_key_type_t);
+ size = va_arg(valist, size_t);
+ generator = va_arg(valist, psa_crypto_generator_t*);
+ return psa_generator_import_key(handle, key_type, size, generator);
+ case PAL_CRYPTO_GENERATOR_ABORT:
+ generator = va_arg(valist, psa_crypto_generator_t*);
+ return psa_generator_abort(generator);
+ case PAL_CRYPTO_AEAD_ENCRYPT:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ nonce = va_arg(valist, const uint8_t *);
+ nonce_length = va_arg(valist, size_t);
+ additional_data = va_arg(valist, const uint8_t *);
+ additional_data_length = va_arg(valist, size_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_aead_encrypt(handle, alg, nonce, nonce_length, additional_data,
+ additional_data_length, plaintext, size, ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_AEAD_DECRYPT:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ nonce = va_arg(valist, const uint8_t *);
+ nonce_length = va_arg(valist, size_t);
+ additional_data = va_arg(valist, const uint8_t *);
+ additional_data_length = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_aead_decrypt(handle, alg, nonce, nonce_length, additional_data,
+ additional_data_length, ciphertext, ciphertext_size, plaintext, size, length);
+ case PAL_CRYPTO_MAC_SIGN_SETUP:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_mac_sign_setup(mac_operation, handle, alg);
+ case PAL_CRYPTO_MAC_UPDATE:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_mac_update(mac_operation, buffer, size);
+ case PAL_CRYPTO_MAC_SIGN_FINISH:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = (size_t *)va_arg(valist, size_t*);
+ return psa_mac_sign_finish(mac_operation, buffer, size, length);
+ case PAL_CRYPTO_MAC_VERIFY_SETUP:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_mac_verify_setup(mac_operation, handle, alg);
+ case PAL_CRYPTO_MAC_VERIFY_FINISH:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_mac_verify_finish(mac_operation, buffer, size);
+ case PAL_CRYPTO_MAC_ABORT:
+ mac_operation = va_arg(valist, psa_mac_operation_t*);
+ return psa_mac_abort(mac_operation);
+ case PAL_CRYPTO_ASYMMTERIC_ENCRYPT:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ salt = va_arg(valist, const uint8_t *);
+ salt_length = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_asymmetric_encrypt(handle, alg, plaintext, size, salt, salt_length,
+ ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_ASYMMTERIC_DECRYPT:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ salt = va_arg(valist, const uint8_t *);
+ salt_length = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_asymmetric_decrypt(handle, alg, plaintext, size, salt, salt_length,
+ ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_CIPHER_ENCRYPT_SETUP:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_cipher_encrypt_setup(cipher_operation, handle, alg);
+ case PAL_CRYPTO_CIPHER_DECRYPT_SETUP:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_cipher_decrypt_setup(cipher_operation, handle, alg);
+ case PAL_CRYPTO_CIPHER_GENERATE_IV:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_generate_iv(cipher_operation, buffer, size, length);
+ case PAL_CRYPTO_CIPHER_SET_IV:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_cipher_set_iv(cipher_operation, buffer, size);
+ case PAL_CRYPTO_CIPHER_UPDATE:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ plaintext = va_arg(valist, uint8_t *);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_update(cipher_operation, plaintext, size, ciphertext, ciphertext_size,
+ length);
+ case PAL_CRYPTO_CIPHER_FINISH:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_cipher_finish(cipher_operation, ciphertext, ciphertext_size, length);
+ case PAL_CRYPTO_CIPHER_ABORT:
+ cipher_operation = va_arg(valist, psa_cipher_operation_t *);
+ return psa_cipher_abort(cipher_operation);
+ case PAL_CRYPTO_ASYMMTERIC_SIGN:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_asymmetric_sign(handle, alg, buffer, size, ciphertext, ciphertext_size,
+ length);
+ case PAL_CRYPTO_ASYMMTERIC_VERIFY:
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ alg = va_arg(valist, psa_algorithm_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ ciphertext = va_arg(valist, uint8_t *);
+ ciphertext_size = va_arg(valist, size_t);
+ return psa_asymmetric_verify(handle, alg, buffer, size, ciphertext, ciphertext_size);
+ case PAL_CRYPTO_KEY_AGREEMENT:
+ generator = va_arg(valist, psa_crypto_generator_t*);
+ handle = (psa_key_handle_t)va_arg(valist, int);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_key_agreement(generator, handle, buffer, size, alg);
+ case PAL_CRYPTO_ALLOCATE_KEY:
+ key_type = va_arg(valist, psa_key_type_t);
+ size = va_arg(valist, size_t);
+ key_handle = (psa_key_handle_t *)va_arg(valist, int*);
+ return psa_allocate_key(key_type, size, key_handle);
+ case PAL_CRYPTO_FREE:
+ for (i = 0; i < PAL_KEY_SLOT_COUNT; i++)
+ psa_destroy_key(i);
+ return 0;
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+}
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_crypto_intf.h b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_crypto_intf.h
new file mode 100644
index 0000000..dfabee1
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_crypto_intf.h
@@ -0,0 +1,75 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_CRYPTO_H_
+#define _PAL_CRYPTO_H_
+
+#include "pal_common.h"
+
+enum crypto_function_code {
+ PAL_CRYPTO_INIT = 0x1,
+ PAL_CRYPTO_GENERATE_RANDOM = 0x2,
+ PAL_CRYPTO_IMPORT_KEY = 0x3,
+ PAL_CRYPTO_EXPORT_KEY = 0x4,
+ PAL_CRYPTO_EXPORT_PUBLIC_KEY = 0x5,
+ PAL_CRYPTO_DESTROY_KEY = 0x6,
+ PAL_CRYPTO_GET_KEY_INFO = 0x7,
+ PAL_CRYPTO_KEY_POLICY_INIT = 0x8,
+ PAL_CRYPTO_KEY_POLICY_SET_USAGE = 0x9,
+ PAL_CRYPTO_KEY_POLICY_GET_USAGE = 0xA,
+ PAL_CRYPTO_KEY_POLICY_GET_ALGORITHM = 0xB,
+ PAL_CRYPTO_SET_KEY_POLICY = 0xC,
+ PAL_CRYPTO_GET_KEY_POLICY = 0xD,
+ PAL_CRYPTO_GET_KEY_INFORMATION = 0xE,
+ PAL_CRYPTO_GET_KEY_LIFETIME = 0xF,
+ PAL_CRYPTO_HASH_SETUP = 0x11,
+ PAL_CRYPTO_HASH_UPDATE = 0x12,
+ PAL_CRYPTO_HASH_VERIFY = 0x13,
+ PAL_CRYPTO_HASH_FINISH = 0x14,
+ PAL_CRYPTO_HASH_ABORT = 0x15,
+ PAL_CRYPTO_GENERATE_KEY = 0x16,
+ PAL_CRYPTO_GENERATOR_READ = 0x17,
+ PAL_CRYPTO_KEY_DERIVATION = 0x18,
+ PAL_CRYPTO_GET_GENERATOR_CAPACITY = 0x19,
+ PAL_CRYPTO_GENERATOR_IMPORT_KEY = 0x1A,
+ PAL_CRYPTO_GENERATOR_ABORT = 0x1B,
+ PAL_CRYPTO_AEAD_ENCRYPT = 0x1C,
+ PAL_CRYPTO_AEAD_DECRYPT = 0x1D,
+ PAL_CRYPTO_MAC_SIGN_SETUP = 0x1E,
+ PAL_CRYPTO_MAC_UPDATE = 0x1F,
+ PAL_CRYPTO_MAC_SIGN_FINISH = 0x20,
+ PAL_CRYPTO_MAC_VERIFY_SETUP = 0x21,
+ PAL_CRYPTO_MAC_VERIFY_FINISH = 0x22,
+ PAL_CRYPTO_MAC_ABORT = 0x23,
+ PAL_CRYPTO_ASYMMTERIC_ENCRYPT = 0x24,
+ PAL_CRYPTO_ASYMMTERIC_DECRYPT = 0x25,
+ PAL_CRYPTO_CIPHER_ENCRYPT_SETUP = 0x26,
+ PAL_CRYPTO_CIPHER_DECRYPT_SETUP = 0x2A,
+ PAL_CRYPTO_CIPHER_GENERATE_IV = 0x2B,
+ PAL_CRYPTO_CIPHER_SET_IV = 0x2C,
+ PAL_CRYPTO_CIPHER_UPDATE = 0x2D,
+ PAL_CRYPTO_CIPHER_FINISH = 0x2E,
+ PAL_CRYPTO_CIPHER_ABORT = 0x2F,
+ PAL_CRYPTO_ASYMMTERIC_SIGN = 0x30,
+ PAL_CRYPTO_ASYMMTERIC_VERIFY = 0x31,
+ PAL_CRYPTO_KEY_AGREEMENT = 0x32,
+ PAL_CRYPTO_ALLOCATE_KEY = 0x33,
+ PAL_CRYPTO_FREE = 0xFE,
+};
+
+int32_t pal_crypto_function(int type, va_list valist);
+#endif /* _PAL_CRYPTO_H_ */
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_driver_ipc_intf.c b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_driver_ipc_intf.c
similarity index 98%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_driver_ipc_intf.c
copy to api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_driver_ipc_intf.c
index 59efae1..32aef9c 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_driver_ipc_intf.c
+++ b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_driver_ipc_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_driver_ns_intf.c b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_driver_ns_intf.c
similarity index 98%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_driver_ns_intf.c
copy to api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_driver_ns_intf.c
index d6f3123..dd6b14c 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_driver_ns_intf.c
+++ b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_driver_ns_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_internal_trusted_storage_empty_intf.c
similarity index 74%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
copy to api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_internal_trusted_storage_empty_intf.c
index 14649e9..133cfa9 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
+++ b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_internal_trusted_storage_empty_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,17 +15,16 @@
* limitations under the License.
**/
-
+#include <stdarg.h>
#include "pal_common.h"
-#include "pal_crypto_intf.h"
/**
- @brief - This API will call the requested crypto function
+ @brief - This API will call the requested internal trusted storage function
@param - type : function code
valist : variable argument list
@return - error status
**/
-psa_status_t pal_crypto_function(int type, va_list valist)
+uint32_t pal_its_function(int type, va_list valist)
{
- return PAL_STATUS_UNSUPPORTED_FUNC;
+ return PAL_STATUS_ERROR;
}
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_internal_trusted_storage_intf.c b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_internal_trusted_storage_intf.c
new file mode 100644
index 0000000..4f04ab0
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_internal_trusted_storage_intf.c
@@ -0,0 +1,60 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_internal_trusted_storage_intf.h"
+
+/**
+ @brief - This API will call the requested internal trusted storage function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+uint32_t pal_its_function(int type, va_list valist)
+{
+ psa_its_uid_t uid;
+ uint32_t data_length, offset;
+ const void *p_write_data;
+ void *p_read_data;
+ psa_its_create_flags_t its_create_flags;
+ struct psa_its_info_t *its_p_info;
+
+ switch (type)
+ {
+ case PAL_ITS_SET:
+ uid = va_arg(valist, psa_its_uid_t);
+ data_length = va_arg(valist, uint32_t);
+ p_write_data = va_arg(valist, const void*);
+ its_create_flags = va_arg(valist, psa_its_create_flags_t);
+ return psa_its_set(uid, data_length, p_write_data, its_create_flags);
+ case PAL_ITS_GET:
+ uid = va_arg(valist, psa_its_uid_t);
+ offset = va_arg(valist, uint32_t);
+ data_length = va_arg(valist, uint32_t);
+ p_read_data = va_arg(valist, void*);
+ return psa_its_get(uid, offset, data_length, p_read_data);
+ case PAL_ITS_GET_INFO:
+ uid = va_arg(valist, psa_its_uid_t);
+ its_p_info = va_arg(valist, struct psa_its_info_t*);
+ return psa_its_get_info(uid, its_p_info);
+ case PAL_ITS_REMOVE:
+ uid = va_arg(valist, psa_its_uid_t);
+ return psa_its_remove(uid);
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+}
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_internal_trusted_storage_intf.h b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_internal_trusted_storage_intf.h
new file mode 100644
index 0000000..6db6aac
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_internal_trusted_storage_intf.h
@@ -0,0 +1,31 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_INTERNAL_TRUSTED_STORAGE_INTF_H_
+#define _PAL_INTERNAL_TRUSTED_STORAGE_INTF_H_
+
+#include "pal_common.h"
+
+enum its_function_code {
+ PAL_ITS_SET = 0x1,
+ PAL_ITS_GET = 0x2,
+ PAL_ITS_GET_INFO = 0x3,
+ PAL_ITS_REMOVE = 0x4,
+};
+
+uint32_t pal_its_function(int type, va_list valist);
+#endif /* _PAL_INTERNAL_TRUSTED_STORAGE_INTF_H_ */
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_protected_storage_empty_intf.c
similarity index 74%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
copy to api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_protected_storage_empty_intf.c
index 14649e9..ee9b13d 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/nspe/pal_crypto_empty_intf.c
+++ b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_protected_storage_empty_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,17 +15,16 @@
* limitations under the License.
**/
-
+#include <stdarg.h>
#include "pal_common.h"
-#include "pal_crypto_intf.h"
/**
- @brief - This API will call the requested crypto function
+ @brief - This API will call the requested protected storage function
@param - type : function code
valist : variable argument list
@return - error status
**/
-psa_status_t pal_crypto_function(int type, va_list valist)
+uint32_t pal_ps_function(int type, va_list valist)
{
- return PAL_STATUS_UNSUPPORTED_FUNC;
+ return PAL_STATUS_ERROR;
}
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_protected_storage_intf.c b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_protected_storage_intf.c
new file mode 100644
index 0000000..4f89efe
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_protected_storage_intf.c
@@ -0,0 +1,73 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_protected_storage_intf.h"
+
+/**
+ @brief - This API will call the requested protected storage function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+uint32_t pal_ps_function(int type, va_list valist)
+{
+ psa_ps_uid_t uid;
+ uint32_t data_length, size, offset;
+ const void *p_write_data;
+ void *p_read_data;
+ psa_ps_create_flags_t ps_create_flags;
+ struct psa_ps_info_t *ps_p_info;
+
+ switch (type)
+ {
+ case PAL_PS_SET:
+ uid = va_arg(valist, psa_ps_uid_t);
+ data_length = va_arg(valist, uint32_t);
+ p_write_data = va_arg(valist, const void*);
+ ps_create_flags = va_arg(valist, psa_ps_create_flags_t);
+ return psa_ps_set(uid, data_length, p_write_data, ps_create_flags);
+ case PAL_PS_GET:
+ uid = va_arg(valist, psa_ps_uid_t);
+ offset = va_arg(valist, uint32_t);
+ data_length = va_arg(valist, uint32_t);
+ p_read_data = va_arg(valist, void*);
+ return psa_ps_get(uid, offset, data_length, p_read_data);
+ case PAL_PS_GET_INFO:
+ uid = va_arg(valist, psa_ps_uid_t);
+ ps_p_info = va_arg(valist, struct psa_ps_info_t*);
+ return psa_ps_get_info(uid, ps_p_info);
+ case PAL_PS_REMOVE:
+ uid = va_arg(valist, psa_ps_uid_t);
+ return psa_ps_remove(uid);
+ case PAL_PS_CREATE:
+ uid = va_arg(valist, psa_ps_uid_t);
+ size = va_arg(valist, uint32_t);
+ ps_create_flags = va_arg(valist, psa_ps_create_flags_t);
+ return psa_ps_create(uid, size, ps_create_flags);
+ case PAL_PS_SET_EXTENDED:
+ uid = va_arg(valist, psa_ps_uid_t);
+ offset = va_arg(valist, uint32_t);
+ data_length = va_arg(valist, uint32_t);
+ p_write_data = va_arg(valist, const void*);
+ return psa_ps_set_extended(uid, offset, data_length, p_write_data);
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+}
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_protected_storage_intf.h b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_protected_storage_intf.h
new file mode 100644
index 0000000..2f7e5fc
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/nspe/pal_protected_storage_intf.h
@@ -0,0 +1,33 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_PROTECTED_STORAGE_INTF_H_
+#define _PAL_PROTECTED_STORAGE_INTF_H_
+
+#include "pal_common.h"
+
+enum ps_function_code {
+ PAL_PS_SET = 0x1,
+ PAL_PS_GET = 0x2,
+ PAL_PS_GET_INFO = 0x3,
+ PAL_PS_REMOVE = 0x4,
+ PAL_PS_CREATE = 0x5,
+ PAL_PS_SET_EXTENDED = 0x6,
+};
+
+uint32_t pal_ps_function(int type, va_list valist);
+#endif /* _PAL_PROTECTED_STORAGE_INTF_H_ */
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/spe/pal_driver_intf.c b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/spe/pal_driver_intf.c
similarity index 97%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/spe/pal_driver_intf.c
copy to api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/spe/pal_driver_intf.c
index f80e82d..cc8b537 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/spe/pal_driver_intf.c
+++ b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/spe/pal_driver_intf.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
diff --git a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/spe/pal_driver_intf.h b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/spe/pal_driver_intf.h
similarity index 94%
copy from api-tests/platform/targets/fvp_mps2_cm4_mbedos/spe/pal_driver_intf.h
copy to api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/spe/pal_driver_intf.h
index b6ed2ab..da85a63 100644
--- a/api-tests/platform/targets/fvp_mps2_cm4_mbedos/spe/pal_driver_intf.h
+++ b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/spe/pal_driver_intf.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
diff --git a/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/target.cfg b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/target.cfg
new file mode 100644
index 0000000..7948399
--- /dev/null
+++ b/api-tests/platform/targets/tgt_ff_mbedos_fvp_mps2_m4/target.cfg
@@ -0,0 +1,81 @@
+///** @file
+// * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+// * SPDX-License-Identifier : Apache-2.0
+// *
+// * Licensed under the Apache License, Version 2.0 (the "License");
+// * you may not use this file except in compliance with the License.
+// * You may obtain a copy of the License at
+// *
+// * http://www.apache.org/licenses/LICENSE-2.0
+// *
+// * Unless required by applicable law or agreed to in writing, software
+// * distributed under the License is distributed on an "AS IS" BASIS,
+// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// * See the License for the specific language governing permissions and
+// * limitations under the License.
+//**/
+
+// UART device info
+uart.num=1;
+uart.0.base = 0x40004000;
+uart.0.size = 0xFFF;
+uart.0.intr_id = 0xFF;
+uart.0.permission = TYPE_READ_WRITE;
+
+// Watchdog device info
+watchdog.num = 1;
+watchdog.0.base = 0x40008000;
+watchdog.0.size = 0xFFF;
+watchdog.0.intr_id = 0xFF;
+watchdog.0.permission = TYPE_READ_WRITE;
+watchdog.0.num_of_tick_per_micro_sec = 0x3; //(sys_feq/1000000)
+watchdog.0.timeout_in_micro_sec_low = 0xF4240; //1.0 sec : 1 * 1000 * 1000
+watchdog.0.timeout_in_micro_sec_medium = 0x1E8480; //2.0 sec : 2 * 1000 * 1000
+watchdog.0.timeout_in_micro_sec_high = 0x4C4B40; //5.0 sec : 5 * 1000 * 1000
+watchdog.0.timeout_in_micro_sec_crypto = 0x1312D00; //18.0 sec : 18 * 1000 * 1000
+
+// Range of 1KB Non-volatile memory to preserve data over reset. Ex, NVRAM and FLASH
+nvmem.num =1;
+nvmem.0.start = 0x2002F000;
+nvmem.0.end = 0x2002F3FF;
+nvmem.0.permission = TYPE_READ_WRITE;
+
+// Miscellaneous - Test scatter info
+dut.num = 1;
+
+// Start address of 10KB NS memory for test ELF
+dut.0.ns_test_addr = 0x2007F000;
+
+// Start address of combine_test_binary in memory. Memory can be main memory or secondary memory.
+// Size of combine_test_binary = Summation of size of each test ELF file.
+dut.0.ns_start_addr_of_combine_test_binary = 0x2003F000;
+
+// Is combine_test_binary available in RAM?
+dut.0.combine_test_binary_in_ram = AVAILABLE;
+
+
+// ###################################################################
+// Following Target configuration parameters are required for IPC tests
+// only. Avoid updating them if you are running dev_apis.
+// ###################################################################
+
+// Level of Isolation
+dut.0.implemented_psa_firmware_isolation_level = LEVEL1;
+
+// Assign free memory range for isolation testing. Choose the addresses
+// for these memory regions such that it follows below condition:
+// nspe_mmio.0.start < client_partition_mmio.0.start < driver_partition_mmio.0.start.
+nspe_mmio.num=1;
+nspe_mmio.0.start = 0x200AF000;
+nspe_mmio.0.end = 0x200AF01F;
+nspe_mmio.0.permission = TYPE_READ_WRITE;
+
+client_partition_mmio.num=1;
+client_partition_mmio.0.start = 0x200AF020;
+client_partition_mmio.0.end = 0x200AF03F;
+client_partition_mmio.0.permission = TYPE_READ_WRITE;
+
+driver_partition_mmio.num=1;
+driver_partition_mmio.0.start = 0x200AF040;
+driver_partition_mmio.0.end = 0x200AF05F;
+driver_partition_mmio.0.permission = TYPE_READ_WRITE;
diff --git a/api-tests/tools/makefiles/Makefile b/api-tests/tools/makefiles/Makefile
index 9aaa1e6..306250f 100644
--- a/api-tests/tools/makefiles/Makefile
+++ b/api-tests/tools/makefiles/Makefile
@@ -1,4 +1,4 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
# * SPDX-License-Identifier : Apache-2.0
# *
# * Licensed under the Apache License, Version 2.0 (the "License");
@@ -92,13 +92,15 @@
@echo " $(SUITE_OUT)/test_elf_combine.bin"
endif
@echo ""
-ifeq (${SUITE}, ipc)
+ifeq (${PSA_IPC_IMPLEMENTED}, 1)
@echo "b) SPE files"
@echo " $(BUILD)/partition/driver_partition.a"
+endif
+ifeq (${SUITE}, ipc)
@echo " $(BUILD)/partition/client_partition.a"
@echo " $(BUILD)/partition/server_partition.a"
- @echo ""
endif
+ @echo ""
clean:
@echo ">>>> Cleaning the build directory..."
diff --git a/api-tests/tools/makefiles/linker/test.linker b/api-tests/tools/makefiles/linker/test.linker
index cc8f552..61901d9 100644
--- a/api-tests/tools/makefiles/linker/test.linker
+++ b/api-tests/tools/makefiles/linker/test.linker
@@ -1,4 +1,4 @@
-/* Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+/* Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -21,8 +21,8 @@
MEMORY
{
TEST_INFO (R) : ORIGIN = TEST_START, LENGTH = 0x100
- TEST_TEXT (RX) : ORIGIN = TEST_START +0x100, LENGTH = 0xE00
- TEST_DATA (RW) : ORIGIN = TEST_START +0xF00, LENGTH = 0x1300
+ TEST_TEXT (RX) : ORIGIN = TEST_START +0x100, LENGTH = 0x1400
+ TEST_DATA (RW) : ORIGIN = TEST_START +0x1500, LENGTH = 0x1800
}
SECTIONS
diff --git a/api-tests/tools/makefiles/linker/test.sct b/api-tests/tools/makefiles/linker/test.sct
index 27422f1..870aa8f 100644
--- a/api-tests/tools/makefiles/linker/test.sct
+++ b/api-tests/tools/makefiles/linker/test.sct
@@ -1,4 +1,4 @@
-/* Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+/* Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -15,16 +15,16 @@
**/
#define TEST_CODE_START 0x0
-#define TEST_INFO_SIZE 0x8
-#define TEST_TEXT_SIZE 0xD00
-#define TEST_DATA_SIZE 0x1300
+#define TEST_INFO_SIZE 0x100
+#define TEST_TEXT_SIZE 0x1400
+#define TEST_DATA_SIZE 0x1800
LR_CODE TEST_CODE_START
{
ER_CODE TEST_CODE_START (TEST_INFO_SIZE+TEST_TEXT_SIZE+TEST_DATA_SIZE)
{
- test_entry.o(.acs_test_info +FIRST)
+ test_entry_nspe.o(.acs_test_info +FIRST)
* (+CODE)
* (+RO)
* (+ZI +RW)
diff --git a/api-tests/tools/makefiles/spbuild.mk b/api-tests/tools/makefiles/spbuild.mk
index e84fd47..580a3c9 100644
--- a/api-tests/tools/makefiles/spbuild.mk
+++ b/api-tests/tools/makefiles/spbuild.mk
@@ -1,4 +1,4 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
# * SPDX-License-Identifier : Apache-2.0
# *
# * Licensed under the Apache License, Version 2.0 (the "License");
@@ -23,7 +23,9 @@
-I$(SOURCE)/ff/partition/common/ \
-I$(SOURCE)/ff/partition/ipc/ \
-I$(BUILD)/partition/ \
- -I$(BUILD)/platform/$(TARGET)/
+ -I$(BUILD)/platform/$(TARGET)/ \
+ -I$(SOURCE)/platform/targets/$(TARGET)/nspe \
+ -I$(SOURCE)/platform/targets/$(TARGET)/spe
VPATH=$(SOURCE)/val/common/:\
$(SOURCE)/val/nspe/:\
@@ -49,7 +51,7 @@
compile_asm: $(AS_SOURCE:%.s=$(BUILD)/partition/%.o)
$(BUILD)/partition/%.o : %.c
- $(CC) -o $@ -c $<
+ $(CC) -DSPE_BUILD -o $@ -c $<
$(BUILD)/partition/%.o : %.s
$(AS) -o $@ $<
diff --git a/api-tests/tools/makefiles/testbuild.mk b/api-tests/tools/makefiles/testbuild.mk
index 7b9cceb..cf9eea2 100644
--- a/api-tests/tools/makefiles/testbuild.mk
+++ b/api-tests/tools/makefiles/testbuild.mk
@@ -1,4 +1,4 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
# * SPDX-License-Identifier : Apache-2.0
# *
# * Licensed under the Apache License, Version 2.0 (the "License");
@@ -27,11 +27,19 @@
-I$(SUITE_IN)/include/ \
-I$(BUILD)/val/
+ifeq (${SUITE}, protected_storage)
+INCLUDE += -I$(SUITE_IN)/../internal_trusted_storage/$(TEST)
+endif
+
VPATH=$(SOURCE)/val/common/:\
$(SOURCE)/val/nspe/:\
$(SOURCE)/val/spe/:\
$(SUITE_IN)/$(TEST)/:\
- $(SUITE_IN)/include/
+ $(SUITE_IN)/include/:
+
+ifeq (${SUITE}, protected_storage)
+VPATH += $(SUITE_IN)/../internal_trusted_storage/$(TEST)/
+endif
all: mkdir compile_c_nspe compile_asm_nspe test.elf compile_c_spe compile_asm_spe
@@ -53,7 +61,7 @@
compile_asm_spe: $(AS_SOURCE_SPE:%.s=$(SUITE_OUT)/$(TEST)/%_spe.o)
$(SUITE_OUT)/$(TEST)/%_spe.o : %.c
- $(CC) -o $@ -c $<
+ $(CC) -DSPE_BUILD -o $@ -c $<
$(SUITE_OUT)/$(TEST)/%_spe.o : %.s
$(AS) -o $@ $<
@@ -62,7 +70,6 @@
ifeq (${TOOLCHAIN}, GNUARM)
$(LD) -Xlinker -Map=$(SUITE_OUT)/$(TEST)/test.map -o $(SUITE_OUT)/$(TEST)/test.elf -T$(SUITE_OUT)/.test.linker $(SUITE_OUT)/$(TEST)/*_nspe.o
else
- cpp -x assembler-with-cpp -w -E -o $(SUITE_OUT)/.test.sct.tmp $(SUITE_OUT)/.test.sct ; cp $(SUITE_OUT)/.test.sct.tmp $(SUITE_OUT)/.test.sct
$(LD) --scatter=$(SUITE_OUT)/.test.sct --list=$(SUITE_OUT)/$(TEST)/test.map -o $(SUITE_OUT)/$(TEST)/test.elf $(SUITE_OUT)/$(TEST)/*_nspe.o
endif
$(DS) $(SUITE_OUT)/$(TEST)/test.elf > $(SUITE_OUT)/$(TEST)/test.disass
diff --git a/api-tests/tools/makefiles/toolchain.mk b/api-tests/tools/makefiles/toolchain.mk
index 1e932eb..2a3c998 100644
--- a/api-tests/tools/makefiles/toolchain.mk
+++ b/api-tests/tools/makefiles/toolchain.mk
@@ -1,4 +1,4 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
# * SPDX-License-Identifier : Apache-2.0
# *
# * Licensed under the Apache License, Version 2.0 (the "License");
@@ -72,17 +72,13 @@
endif
endif
-COMPILER_OPTIONS= --target=arm-arm-none-eabi $(TARGET_SWITCH) -Wall -Werror -fshort-enums -fshort-wchar -funsigned-char -fdata-sections -ffunction-sections -mno-unaligned-access -mfpu=none -DVAL_NSPE_BUILD
+COMPILER_OPTIONS= --target=arm-arm-none-eabi $(TARGET_SWITCH) -Wall -Werror -fshort-enums -fshort-wchar -funsigned-char -fdata-sections -ffunction-sections -mno-unaligned-access -mfpu=none
AR_OPTIONS= --create -cr
-LINKER_OPTIONS= --strict --map --symbols --xref --entry=acs_test_info --info=summarysizes,sizes,totals,unused,veneers --diag_warning=L6204
+LINKER_OPTIONS= --strict --map --symbols --xref --info=summarysizes,sizes,totals,unused,veneers --diag_warning=L6204
OBJDUMP_OPTIONS= -c -d --datasymbols
endif
#### ARMCLANG OPTIONS - END ####
-ifeq (${SUITE}, crypto)
-COMPILER_OPTIONS += -DCRYPTO_SUITE
-endif
-
COMPILER_OPTIONS += -DVERBOSE=$(VERBOSE)
ifeq (${TEST_COMBINE_ARCHIVE}, 1)
@@ -93,6 +89,22 @@
COMPILER_OPTIONS += -DPSA_IPC_IMPLEMENTED
endif
+ifeq (${PSA_CRYPTO_IMPLEMENTED}, 1)
+COMPILER_OPTIONS += -DPSA_CRYPTO_IMPLEMENTED
+endif
+
+ifeq (${PSA_PROTECTED_STORAGE_IMPLEMENTED}, 1)
+COMPILER_OPTIONS += -DPSA_PROTECTED_STORAGE_IMPLEMENTED
+endif
+
+ifeq (${PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED}, 1)
+COMPILER_OPTIONS += -DPSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED
+endif
+
+ifeq (${PSA_INITIAL_ATTESTATION_IMPLEMENTED}, 1)
+COMPILER_OPTIONS += -DPSA_INITIAL_ATTESTATION_IMPLEMENTED
+endif
+
CC= $(COMPILER) $(COMPILER_OPTIONS) $(CC_OPTIONS) $(USER_INCLUDE) $(INCLUDE)
AS= $(ASSEMBLER) $(ASSEMBLER_OPTIONS) $(AS_OPTIONS)
LD= $(LINKER) $(LINKER_OPTIONS)
diff --git a/api-tests/tools/makefiles/valbuild.mk b/api-tests/tools/makefiles/valbuild.mk
index 79418ec..01b457c 100644
--- a/api-tests/tools/makefiles/valbuild.mk
+++ b/api-tests/tools/makefiles/valbuild.mk
@@ -1,4 +1,4 @@
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
# * SPDX-License-Identifier : Apache-2.0
# *
# * Licensed under the Apache License, Version 2.0 (the "License");
@@ -28,7 +28,7 @@
$(SOURCE)/val/spe/
SRC_COMMON=
-SRC_NS= val_entry.c val_dispatcher.c val_framework.c val_crypto.c val_interfaces.c val_peripherals.c val_target.c
+SRC_NS= val_entry.c val_dispatcher.c val_framework.c val_crypto.c val_interfaces.c val_peripherals.c val_target.c val_protected_storage.c val_internal_trusted_storage.c val_attestation.c
all: build
diff --git a/api-tests/tools/scripts/gen_tests_list.pl b/api-tests/tools/scripts/gen_tests_list.pl
new file mode 100644
index 0000000..8b27b50
--- /dev/null
+++ b/api-tests/tools/scripts/gen_tests_list.pl
@@ -0,0 +1,131 @@
+#!/usr/bin/env perl
+#/** @file
+# * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+
+$build=$ARGV[0];
+$tests_list=$ARGV[1];
+$suite=$ARGV[2];
+
+&gen_test_entry_info();
+&gen_secure_tests_list() if ($suite eq "ipc");
+
+sub gen_test_entry_info
+{
+ my $test_num = 0;
+ my $uniq_test_string = '';
+ my $max_test_per_suite = 200;
+ my $suite_base = 0;
+ my $test_entry_list = "$build/val/test_entry_list.inc";
+ my $test_entry_fn_declare_list = "$build/val/test_entry_fn_declare_list.inc";
+
+ print "\n>>>> Generating tests list by referring testsuite.db \n";
+
+ if ($suite eq "crypto")
+ {
+ $suite_base = 1;
+ }
+ elsif ($suite eq "protected_storage")
+ {
+ $suite_base = 2;
+ }
+ elsif ($suite eq "internal_trusted_storage")
+ {
+ $suite_base = 3;
+ }
+ elsif ($suite eq "initial_attestation")
+ {
+ $suite_base = 4;
+ }
+
+ open(IN, $tests_list) or die "Unable to open $tests_list $!";
+ open(OUT1, '>', $test_entry_fn_declare_list) or die "Unable to open: $!";
+ open(OUT2, '>', $test_entry_list) or die "Unable to open: $!";
+
+ while(<IN>) {
+ if($_ !~ /^\//) {# exclude commented lines if any
+ chomp($_);
+ if($_ =~ /^test_(.+)/) {
+ $uniq_test_string = $1;
+ $uniq_test_string =~ s/s/p/ if ($suite eq "protected_storage");
+ print OUT1 "void test_entry_$uniq_test_string(val_api_t *val_api, psa_api_t *psa_api);\n";
+ if($_ =~ /^test_\w0*(\d+)/) {
+ $test_num = $1 + ($max_test_per_suite * $suite_base);
+ print OUT2 "\t{$test_num, &test_entry_$uniq_test_string},\n";
+ }
+ }
+ }
+ }
+ close IN;
+ close OUT1;
+ close OUT2;
+ print "Output files are:
+ $test_entry_list,
+ $test_entry_fn_declare_list\n";
+}
+
+sub gen_secure_tests_list
+{
+ my $test_num = 0;
+ my $test_num_prev = 0;
+ my $client_tests_list_declare = "$build/partition/client_tests_list_declare.inc";
+ my $client_tests_list = "$build/partition/client_tests_list.inc";
+ my $server_tests_list_declare = "$build/partition/server_tests_list_declare.inc";
+ my $server_tests_list = "$build/partition/server_tests_list.inc";
+
+ print "\n>>>> Generating secure tests list files by referring testsuite.db \n";
+
+ open(IN, $tests_list) or die "Unable to open $tests_list $!";
+ open(OUT1, '>', $client_tests_list_declare) or die "Unable to open: $!";
+ open(OUT2, '>', $client_tests_list) or die "Unable to open: $!";
+ open(OUT3, '>', $server_tests_list_declare) or die "Unable to open: $!";
+ open(OUT4, '>', $server_tests_list) or die "Unable to open: $!";
+
+ while(<IN>) {
+ if($_ !~ /^\//) {# exclude commented lines if any
+ chomp($_);
+ if($_ =~ /^test_\w(\d+)/) {
+ $test_num = $1;
+ print OUT1 " extern client_test_t $_\_client_tests_list[];\n";
+ print OUT3 " extern server_test_t $_\_server_tests_list[];\n";
+
+ if ($test_num - $test_num_prev > 1)
+ {
+ for ($i = $test_num_prev; $i < ($test_num - 1); $i++)
+ {
+ print OUT2 "\tNULL,\n";
+ print OUT4 "\tNULL,\n";
+ }
+ }
+ print OUT2 "\t$_\_client_tests_list,\n";
+ print OUT4 "\t$_\_server_tests_list,\n";
+ }
+ }
+ $test_num_prev = $test_num;
+ }
+ close IN;
+ close OUT1;
+ close OUT2;
+ close OUT3;
+ close OUT4;
+
+ print "Output files are:
+ $client_tests_list_declare,
+ $client_tests_list,
+ $server_tests_list_declare,
+ $server_tests_list \n\n";
+}
diff --git a/api-tests/tools/scripts/process_test_linker_file.pl b/api-tests/tools/scripts/process_test_linker_file.pl
index b8d4984..3a31b3b 100755
--- a/api-tests/tools/scripts/process_test_linker_file.pl
+++ b/api-tests/tools/scripts/process_test_linker_file.pl
@@ -1,6 +1,6 @@
#!/usr/bin/env perl
#/** @file
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
# * SPDX-License-Identifier : Apache-2.0
# *
# * Licensed under the Apache License, Version 2.0 (the "License");
@@ -71,3 +71,9 @@
{
die ("Error: ns_test_addr is not found in target.cfg file\n");
}
+
+if($toolchain eq "ARMCLANG")
+{
+ system("cpp -x assembler-with-cpp -w -E -o $linker_out.tmp $linker_out ") && die ("Failed to process $linker_out\n");
+ system("cp $linker_out.tmp $linker_out");
+}
diff --git a/api-tests/tools/scripts/setup.sh b/api-tests/tools/scripts/setup.sh
index 3141806..bec177b 100755
--- a/api-tests/tools/scripts/setup.sh
+++ b/api-tests/tools/scripts/setup.sh
@@ -1,7 +1,6 @@
#!/usr/bin/env bash
-
#/** @file
-# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
# * SPDX-License-Identifier : Apache-2.0
# *
# * Licensed under the Apache License, Version 2.0 (the "License");
@@ -20,13 +19,36 @@
echo ""
declare -a INCLUDE_PATHS
+export SUITE=" "
export TEST_COMBINE_ARCHIVE=0
export CLIENT_FILE_FOUND=0
export SERVICE_FILE_FOUND=0
+export CRYPTO_FILE_FOUND=0
+export PROTECTED_STORAGE_FILE_FOUND=0
+export INTERNAL_TRUSTED_STORAGE_FILE_FOUND=0
+export INITIAL_ATTESTATION_FILE_FOUND=0
+
+IPC_HEADER_FILE_REQ="If PSA IPC implemented in your platform, include path must point to path
+where \"psa/client.h\", \"psa/service.h\" and test partition manifest output files
+(\"psa_manifest/sid.h\" and \"psa_manifest/<manifestfilename>.h\") are located.
+"
+CRYPTO_HEADER_FILE_REQ="If PSA CRYPTO APIs are implemented into your platform then you must provide
+\"psa/crypto.h\" file to setup.sh script using --include option to compile tests and framework.
+"
+PS_HEADER_FILE_REQ="If PSA PROTECTED STORAGE APIs are implemented into your platform then you must provide
+\"psa/protected_storage.h\" file to setup.sh script using --include option to compile tests and framework.
+"
+ITS_HEADER_FILE_REQ="If PSA INTERNAL_TRUSTED_STORAGE APIs are implemented into your platform then you must provide
+\"psa/internal_trusted_storage.h\" file to setup.sh script using --include option to compile tests and framework.
+"
+ATTESTATION_HEADER_FILE_REQ="If PSA INITIAL_ATTESTATION APIs are implemented into your platform then you must provide
+\"psa/initial_attestation.h\" file to setup.sh script using --include option to compile tests and framework.
+"
+
HELP="
Usage: setup.sh [--source SOURCE_DIR] [--build BUILD_DIR] [--target TARGET] [--suite SUITE]
- [--toolchain TOOLCHAIN] [--cpu_arch CPU_ARCH] [--clean] [--verbose PRINT_LEVEL]
+ [--toolchain TOOLCHAIN] [--cpu_arch CPU_ARCH] [--verbose PRINT_LEVEL]
[--include INCLUDE_PATH] [--help|-h]
Arguments Info:
@@ -36,29 +58,32 @@
--target <TARGET> : Provide target string as argument.
target.cfg file corresponding to input string must be avaiable at
platform/targets/<TARGET>/
- --suite <SUITE> : Compile tests for given suite. Support values are ipc and crypto.
- Default is ipc suite.
- --toolchain <TOOLCHAIN> : Build using the given TOOLCHAIN. Supported value is GNUARM (GNU Arm Embedded).
- Future release will be extended to support ARMCLANG (ARM Compiler 6.x).
+ --suite <SUITE> : Compile tests for given suite. Support values are:
+ ipc, crypto, internal_trusted_storage and protected_storage.
+ --toolchain <TOOLCHAIN> : Build using the given TOOLCHAIN.
+ Supported values are GNUARM (GNU Arm Embedded) and ARMCLANG (ARM Compiler 6.x).
--cpu_arch <CPU_ARCH> : Provide cpu arch string as argument.
Supported CPU arch are armv8m_ml, armv8m_bl and armv7m.
- --clean : Clean the build directory
--verbose <PRINT_LEVEL> : Print verbosity level
Supported print levels are:
1 - INFO & above.
2 - DEBUG & above.
- 3 - TEST & above.(Default)
- 4 - WARN & ERROR.
+ 3 - TEST & above.
+ 4 - WARN & ERROR.(Default)
5 - ERROR.
--include <INCLUDE_PATH>: Additional directory to be included into compiler search path. Provide --include <path>
where path pointing to location of PSA defined header files.
You can specify multiple source locations using --include option.
Ex: --include <path1> --include <path2>
- Note- If PSA IPC implemented in your platform, include path must point to path
- where \"psa/client.h\", \"psa/service.h\" and test partition manifest output files
- (\"psa_manifest/sid.h\" and \"psa_manifest/<manifestfilename>.h\") are located.
--help|-h : Print this help message
+Notes:
+1. $IPC_HEADER_FILE_REQ
+2. $CRYPTO_HEADER_FILE_REQ
+3. $PS_HEADER_FILE_REQ
+4. $ITS_HEADER_FILE_REQ
+5. $ATTESTATION_HEADER_FILE_REQ
+
"
if [ "$#" == "0" ]; then
@@ -87,9 +112,6 @@
--cpu_arch ) shift
export CPU_ARCH=$1
;;
- --clean )
- export CLEAN=1
- ;;
--verbose ) shift
export VERBOSE=$1
;;
@@ -100,12 +122,12 @@
export INCLUDE="$INCLUDE -I $1/"
INCLUDE_PATHS=("${INCLUDE_PATHS[@]}" $1)
;;
- --help | -h | * )
+ --help | -h )
echo "$HELP"
exit 1
;;
* )
- echo "Error: Invaid argument"
+ echo "Error: Invaid argument $1"
echo "$HELP"
exit 1
esac
@@ -143,22 +165,26 @@
echo "Using \$TARGET=$TARGET"
fi
-if [ -z "$SUITE" ]
+if [ "$SUITE" != "ipc" ] && [ "$SUITE" != "crypto" ] && [ "$SUITE" != "protected_storage" ] &&
+ [ "$SUITE" != "internal_trusted_storage" ] && [ "$SUITE" != "initial_attestation" ]
then
- export SUITE=ipc
- echo "--suite option is not provided, hence using default value \$SUITE=$SUITE"
-else
- echo "Using \$SUITE=$SUITE"
+ echo "Error: Unsupported value for --suite=$SUITE.
+ Refer help message to see supported suites"
+ exit 1
fi
-PSA_IPC_IMPLEMENTED=`grep -c "^ *PSA_IPC_IMPLEMENTED\s*:=\s*1" $SOURCE/platform/targets/$TARGET/Makefile`
-PSA_CRYPTO_IMPLEMENTED=`grep -c "^ *PSA_CRYPTO_IMPLEMENTED\s*:=\s*1" $SOURCE/platform/targets/$TARGET/Makefile`
+PLATFORM_MAKEFILE=$SOURCE/platform/targets/$TARGET/Makefile
+PSA_IPC_IMPLEMENTED=`grep -c "^ *PSA_IPC_IMPLEMENTED\s*:=\s*1" $PLATFORM_MAKEFILE`
+PSA_CRYPTO_IMPLEMENTED=`grep -c "^ *PSA_CRYPTO_IMPLEMENTED\s*:=\s*1" $PLATFORM_MAKEFILE`
+PSA_PROTECTED_STORAGE_IMPLEMENTED=`grep -c "^ *PSA_PROTECTED_STORAGE_IMPLEMENTED\s*:=\s*1" $PLATFORM_MAKEFILE`
+PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED=`grep -c "^ *PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED\s*:=\s*1" $PLATFORM_MAKEFILE`
+PSA_INITIAL_ATTESTATION_IMPLEMENTED=`grep -c "^ *PSA_INITIAL_ATTESTATION_IMPLEMENTED\s*:=\s*1" $PLATFORM_MAKEFILE`
# Check PSA_IPC_IMPLEMENTED validity
if [ $SUITE == "ipc" ] && [ $PSA_IPC_IMPLEMENTED == "0" ]
then
echo "Error: PSA_IPC_IMPLEMENTED must be set to 1 for ipc suite
- in $SOURCE/platform/$TARGET/Makefile"
+ in $PLATFORM_MAKEFILE"
exit 1
fi
@@ -166,7 +192,31 @@
if [ $SUITE == "crypto" ] && [ $PSA_CRYPTO_IMPLEMENTED == "0" ]
then
echo "Error: PSA_CRYPTO_IMPLEMENTED must be set to 1 for crypto suite
- in $SOURCE/platform/$TARGET/Makefile"
+ in $PLATFORM_MAKEFILE"
+ exit 1
+fi
+
+# Check PSA_PROTECTED_STORAGE_IMPLEMENTED validity
+if [ $SUITE == "protected_storage" ] && [ $PSA_PROTECTED_STORAGE_IMPLEMENTED == "0" ]
+then
+ echo "Error: PSA_PROTECTED_STORAGE_IMPLEMENTED must be set to 1 for protected_storage suite
+ in $PLATFORM_MAKEFILE"
+ exit 1
+fi
+
+# Check PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED validity
+if [ $SUITE == "internal_trusted_storage" ] && [ $PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED == "0" ]
+then
+ echo "Error: PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED must be set to 1 for internal_trusted_storage suite
+ in $PLATFORM_MAKEFILE"
+ exit 1
+fi
+
+# Check PSA_INITIAL_ATTESTATION_IMPLEMENTED validity
+if [ $SUITE == "initial_attestation" ] && [ $PSA_INITIAL_ATTESTATION_IMPLEMENTED == "0" ]
+then
+ echo "Error: PSA_INITIAL_ATTESTATION_IMPLEMENTED must be set to 1 for initial_attestation suite
+ in $PLATFORM_MAKEFILE"
exit 1
fi
@@ -175,12 +225,7 @@
# Check --include validity for ipc suite
if [ -z "$INCLUDE" ]
then
- echo "Error: --include option is not provided.
- You must provide PSA defined API element header files "psa/client.h" and "psa/service.h"
- and test partition manifest output files to compile tests and test framework.
- Provide --include <path> where path pointing to location of required files.
- You can specify multiple source locations using --include option.
- Ex: --include <path1> --include <path2> "
+ echo "Error: --include option is not provided. $IPC_HEADER_FILE_REQ"
exit 1
else
for path in "${INCLUDE_PATHS[@]}"
@@ -197,16 +242,119 @@
if [ $CLIENT_FILE_FOUND == "0" ]
then
echo "Couldn't find psa/client.h file in paths: ${INCLUDE_PATHS[@]}"
+ echo "$IPC_HEADER_FILE_REQ"
exit 1
fi
if [ $SERVICE_FILE_FOUND == "0" ]
then
echo "Couldn't find psa/service.h file in paths: ${INCLUDE_PATHS[@]}"
+ echo "$IPC_HEADER_FILE_REQ"
exit 1
fi
fi
fi
+if [ $PSA_CRYPTO_IMPLEMENTED == "1" ]
+then
+ # Check --include validity for crypto suite
+ if [ -z "$INCLUDE" ]
+ then
+ echo "Error: --include option is not provided."
+ echo "$CRYPTO_HEADER_FILE_REQ"
+ exit 1
+ else
+ for path in "${INCLUDE_PATHS[@]}"
+ do
+ if [ -f "$path/psa/crypto.h" ]
+ then
+ export CRYPTO_FILE_FOUND=1
+ fi
+ done
+ if [ $CRYPTO_FILE_FOUND == "0" ]
+ then
+ echo "Couldn't find psa/crypto.h file in paths: ${INCLUDE_PATHS[@]}"
+ echo "$CRYPTO_HEADER_FILE_REQ"
+ exit 1
+ fi
+ fi
+fi
+
+if [ $PSA_PROTECTED_STORAGE_IMPLEMENTED == "1" ]
+then
+ # Check --include validity for protected storage suite
+ if [ -z "$INCLUDE" ]
+ then
+ echo "Error: --include option is not provided."
+ echo "$PS_HEADER_FILE_REQ"
+ exit 1
+ else
+ for path in "${INCLUDE_PATHS[@]}"
+ do
+ if [ -f "$path/psa/protected_storage.h" ]
+ then
+ export PROTECTED_STORAGE_FILE_FOUND=1
+ fi
+ done
+ if [ $PROTECTED_STORAGE_FILE_FOUND == "0" ]
+ then
+ echo "Couldn't find psa/protected_storage.h file in paths: ${INCLUDE_PATHS[@]}"
+ echo "$PS_HEADER_FILE_REQ"
+ exit 1
+ fi
+ fi
+fi
+
+if [ $PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED == "1" ]
+then
+ # Check --include validity for internal trusted storage suite
+ if [ -z "$INCLUDE" ]
+ then
+ echo "Error: --include option is not provided."
+ echo "$ITS_HEADER_FILE_REQ"
+ exit 1
+ else
+ for path in "${INCLUDE_PATHS[@]}"
+ do
+ if [ -f "$path/psa/internal_trusted_storage.h" ]
+ then
+ export INTERNAL_TRUSTED_STORAGE_FILE_FOUND=1
+ fi
+ done
+ if [ $INTERNAL_TRUSTED_STORAGE_FILE_FOUND == "0" ]
+ then
+ echo "Couldn't find psa/internal_trusted_storage.h file in paths: ${INCLUDE_PATHS[@]}"
+ echo "$ITS_HEADER_FILE_REQ"
+ exit 1
+ fi
+ fi
+fi
+
+if [ $PSA_INITIAL_ATTESTATION_IMPLEMENTED == "1" ]
+then
+ # Check --include validity for initial_attestation suite
+ if [ -z "$INCLUDE" ]
+ then
+ echo "Error: --include option is not provided."
+ echo "$ATTESTATION_HEADER_FILE_REQ"
+ exit 1
+ else
+ for path in "${INCLUDE_PATHS[@]}"
+ do
+ if [ -f "$path/psa/initial_attestation.h" ]
+ then
+ export INITIAL_ATTESTATION_FILE_FOUND=1
+ fi
+ done
+ if [ $INITIAL_ATTESTATION_FILE_FOUND == "0" ]
+ then
+ echo "Couldn't find psa/initial_attestation.h file in paths: ${INCLUDE_PATHS[@]}"
+ echo "$ATTESTATION_HEADER_FILE_REQ"
+ exit 1
+ fi
+ fi
+fi
+
+
if [ -z "$TOOLCHAIN" ]
then
export TOOLCHAIN=GNUARM
@@ -217,7 +365,8 @@
if [ $TOOLCHAIN != "GNUARM" ] && [ $TOOLCHAIN != "ARMCLANG" ]
then
- echo "Error: Unsupported value for --toolchain=$TOOLCHAIN. Supported toolchain are GNUARM and ARMCLANG"
+ echo "Error: Unsupported value for --toolchain=$TOOLCHAIN.
+ Supported toolchain are GNUARM and ARMCLANG"
exit 1
fi
@@ -232,13 +381,16 @@
if [ $CPU_ARCH != "armv8m_ml" ] && [ $CPU_ARCH != "armv8m_bl" ] && [ $CPU_ARCH != "armv7m" ]
then
- echo "Error: Unsupported value for --cpu_arch=$CPU_ARCH. Supported CPU arch are armv8m_ml, armv8m_bl, armv7m"
+ echo "Error: Unsupported value for --cpu_arch=$CPU_ARCH.
+ Supported CPU arch are armv8m_ml, armv8m_bl, armv7m"
exit 1
fi
if [ ! -z "$VERBOSE" ]
then
- if [ $VERBOSE != "1" ] && [ $VERBOSE != "2" ] && [ $VERBOSE != "3" ] && [ $VERBOSE != "4" ] && [ $VERBOSE != "5" ]
+ if [ $VERBOSE != "1" ] && [ $VERBOSE != "2" ] &&
+ [ $VERBOSE != "3" ] && [ $VERBOSE != "4" ] &&
+ [ $VERBOSE != "5" ]
then
echo "Error: Unsupported value for --verbose=$VERBOSE."
echo "Supported print levels are:"
@@ -250,7 +402,7 @@
exit 1
fi
else
- export VERBOSE=3
+ export VERBOSE=4
fi
MAKE_OPTIONS=" SOURCE=$SOURCE "
@@ -262,13 +414,12 @@
MAKE_OPTIONS+=" VERBOSE=$VERBOSE "
MAKE_OPTIONS+=" TEST_COMBINE_ARCHIVE=$TEST_COMBINE_ARCHIVE "
MAKE_OPTIONS+=" PSA_IPC_IMPLEMENTED=$PSA_IPC_IMPLEMENTED "
+MAKE_OPTIONS+=" PSA_CRYPTO_IMPLEMENTED=$PSA_CRYPTO_IMPLEMENTED "
+MAKE_OPTIONS+=" PSA_PROTECTED_STORAGE_IMPLEMENTED=$PSA_PROTECTED_STORAGE_IMPLEMENTED "
+MAKE_OPTIONS+=" PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED=$PSA_INTERNAL_TRUSTED_STORAGE_IMPLEMENTED "
+MAKE_OPTIONS+=" PSA_INITIAL_ATTESTATION_IMPLEMENTED=$PSA_INITIAL_ATTESTATION_IMPLEMENTED "
MAKE_OPTIONS+=" USER_INCLUDE=\"$INCLUDE\" "
-if [ -z "$CLEAN" ]
-then
- #Build VAL/PAL static library and Tests ELFs
- echo "make -f $SOURCE/tools/makefiles/Makefile $MAKE_OPTIONS USER_INCLUDE=\"$INCLUDE\" all "
- make -f $SOURCE/tools/makefiles/Makefile $MAKE_OPTIONS USER_INCLUDE="$INCLUDE" all
-else
- make -f $SOURCE/tools/makefiles/Makefile $MAKE_OPTIONS USER_INCLUDE="$INCLUDE" clean
-fi
+#Build VAL/PAL static library and Tests ELFs
+echo "make -f $SOURCE/tools/makefiles/Makefile $MAKE_OPTIONS USER_INCLUDE=\"$INCLUDE\" all "
+make -f $SOURCE/tools/makefiles/Makefile $MAKE_OPTIONS USER_INCLUDE="$INCLUDE" all
diff --git a/api-tests/tools/scripts/targetConfigGen.pl b/api-tests/tools/scripts/targetConfigGen.pl
index 3531afa..03658ef 100755
--- a/api-tests/tools/scripts/targetConfigGen.pl
+++ b/api-tests/tools/scripts/targetConfigGen.pl
@@ -37,8 +37,6 @@
# NOTE: Only C-style single line commenting is permitted inside targetConfig.cfg
#---------------------------------------------------------------------
-use List::MoreUtils qw(uniq);
-
print "\n>>>> Generating targetConfig data base... \n";
$source=$ARGV[0];
$build=$ARGV[1];
@@ -55,6 +53,11 @@
@unique_devices = undef;
+sub uniq {
+ my %seen;
+ grep !$seen{$_}++, @_;
+}
+
open(IN, $targetConfigPath) or die "Unable to open $targetConfigPath $!";
open(OUT, '>', $output_c) or die "Unable to open: $!";
@@ -229,7 +232,7 @@
print OUT "\nreturn 0;\}\/\/int main";
#generate target_database.h file
-print "gcc $output_c -o $build/platform/$target/targetConfigGen -I$source/val/nspe -I$source/val/common\n";
-system("gcc $output_c -o $build/platform/$target/targetConfigGen -I$source/val/nspe -I$source/val/common") && die ("Failed to compile targetConfigGen.c \n");
+print "gcc -DTARGET_CFG_BUILD $output_c -o $build/platform/$target/targetConfigGen -I$source/val/nspe -I$source/val/common -I$source/platform/targets/$target/nspe/\n";
+system("gcc -DTARGET_CFG_BUILD $output_c -o $build/platform/$target/targetConfigGen -I$source/val/nspe -I$source/val/common -I$source/platform/targets/$target/nspe/") && die ("Failed to compile targetConfigGen.c \n");
print "./$build/platform/$target/targetConfigGen\n";
system("./$build/platform/$target/targetConfigGen ") && die ("Failed to generate targetConfig data base \n");
diff --git a/api-tests/tools/scripts/test_elf_combine.pl b/api-tests/tools/scripts/test_elf_combine.pl
index 519b503..109a4e7 100755
--- a/api-tests/tools/scripts/test_elf_combine.pl
+++ b/api-tests/tools/scripts/test_elf_combine.pl
@@ -18,7 +18,6 @@
use File::Find;
use File::Basename;
-use List::MoreUtils 'uniq';
print "\n>>>> Combining test ELFs... \n";
diff --git a/api-tests/val/common/val.h b/api-tests/val/common/val.h
index de9cd8c..3e9a9d7 100644
--- a/api-tests/val/common/val.h
+++ b/api-tests/val/common/val.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,18 +18,7 @@
#ifndef _VAL_COMMON_H_
#define _VAL_COMMON_H_
-#include <string.h>
-#include <stdint.h>
-#include <stdlib.h>
-
-/* typedef's */
-typedef uint8_t bool_t;
-typedef uint32_t addr_t;
-typedef uint32_t test_id_t;
-typedef uint32_t block_id_t;
-typedef char char8_t;
-typedef uint32_t cfg_id_t;
-
+#include "pal_common.h"
#ifndef VAL_NSPE_BUILD
#define STATIC_DECLARE static
@@ -84,17 +73,22 @@
#define IS_TEST_PENDING(status) (((status >> TEST_STATE_BIT) & TEST_STATE_MASK) == TEST_PENDING)
#define IS_TEST_START(status) (((status >> TEST_STATE_BIT) & TEST_STATE_MASK) == TEST_START)
#define IS_TEST_END(status) (((status >> TEST_STATE_BIT) & TEST_STATE_MASK) == TEST_END)
-#define VAL_ERROR(status) (status?1:0)
+#define VAL_ERROR(status) ((status & TEST_STATUS_MASK) ? 1 : 0)
/* Test Defines */
#define TEST_PUBLISH(test_id, entry) \
- const val_test_info_t __attribute__((section(".acs_test_info"))) CONCAT(acs_test_info, entry) = {test_id, entry}
+ const val_test_info_t __attribute__((section(".acs_test_info"))) \
+ CONCAT(acs_test_info, entry) = {test_id, entry}
-#define VAL_MAX_TEST_PER_COMP 200
-#define VAL_FF_BASE 0
-#define VAL_CRYPTO_BASE 1
+#define VAL_MAX_TEST_PER_COMP 200
+#define VAL_FF_BASE 0
+#define VAL_CRYPTO_BASE 1
+#define VAL_PROTECTED_STORAGE_BASE 2
+#define VAL_INTERNAL_TRUSTED_STORAGE_BASE 3
+#define VAL_INITIAL_ATTESTATION_BASE 4
+
#define VAL_GET_COMP_NUM(test_id) \
((test_id - (test_id % VAL_MAX_TEST_PER_COMP)) / VAL_MAX_TEST_PER_COMP)
#define VAL_GET_TEST_NUM(test_id) (test_id % VAL_MAX_TEST_PER_COMP)
@@ -102,7 +96,7 @@
#define TEST_FIELD(num1,num2) (num2 << 8 | num1)
#define GET_TEST_ISOLATION_LEVEL(num) (num & 0x3)
-#define GET_WD_TIMOUT_TYPE(num) ((num >> 8) & 0x3)
+#define GET_WD_TIMOUT_TYPE(num) ((num >> 8) & 0x7)
#define TEST_CHECKPOINT_NUM(n) n
#define TEST(n) n
@@ -121,9 +115,56 @@
#define VAL_NVMEM_BLOCK_SIZE 4
#define VAL_NVMEM_OFFSET(nvmem_idx) (nvmem_idx * VAL_NVMEM_BLOCK_SIZE)
-#define UART_INIT_SIGN 0xff
+#define UART_INIT_SIGN 0xff
#define UART_PRINT_SIGN 0xfe
+#define TEST_PANIC() \
+ do { \
+ } while(1)
+
+#define TEST_ASSERT_EQUAL(arg1, arg2, checkpoint) \
+ do { \
+ if ((arg1) != arg2) \
+ { \
+ val->print(PRINT_ERROR, "\tFailed at Checkpoint: %d\n", checkpoint); \
+ val->print(PRINT_ERROR, "\tActual: %d\n", arg1); \
+ val->print(PRINT_ERROR, "\tExpected: %d\n", arg2); \
+ return 1; \
+ } \
+ } while (0)
+
+#define TEST_ASSERT_DUAL(arg1, status1, status2, checkpoint) \
+ do { \
+ if ((arg1) != status1 && (arg1) != status2) \
+ { \
+ val->print(PRINT_ERROR, "\tFailed at Checkpoint: %d\n", checkpoint); \
+ val->print(PRINT_ERROR, "\tActual: %d\n", arg1); \
+ val->print(PRINT_ERROR, "\tExpected: %d", status1); \
+ val->print(PRINT_ERROR, "or %d\n", status2); \
+ return 1; \
+ } \
+ } while (0)
+
+#define TEST_ASSERT_NOT_EQUAL(arg1, arg2, checkpoint) \
+ do { \
+ if ((arg1) == arg2) \
+ { \
+ val->print(PRINT_ERROR, "\tFailed at Checkpoint: %d\n", checkpoint); \
+ val->print(PRINT_ERROR, "\tValue: %d\n", arg1); \
+ return 1; \
+ } \
+ } while (0)
+
+#define TEST_ASSERT_MEMCMP(buf1, buf2, size, checkpoint) \
+ do { \
+ if (memcmp(buf1, buf2, size)) \
+ { \
+ val->print(PRINT_ERROR, "\tFailed at Checkpoint: %d : ", checkpoint); \
+ val->print(PRINT_ERROR, "Unequal data in compared buffers\n", 0); \
+ return 1; \
+ } \
+ } while (0)
+
/* enums */
typedef enum {
NONSECURE = 0x0,
@@ -152,29 +193,6 @@
NV_TEST_CNT = 0x3,
} nvmem_index_t;
-typedef enum {
- WD_INIT_SEQ = 0x1,
- WD_ENABLE_SEQ = 0x2,
- WD_DISABLE_SEQ = 0x3,
- WD_STATUS_SEQ = 0x4,
-} wd_fn_type_t;
-
-typedef enum {
- WD_LOW_TIMEOUT = 0x1,
- WD_MEDIUM_TIMEOUT = 0x2,
- WD_HIGH_TIMEOUT = 0x3,
-} wd_timeout_type_t;
-
-typedef enum {
- NVMEM_READ = 0x1,
- NVMEM_WRITE = 0x2,
-} nvmem_fn_type_t;
-
-typedef enum {
- UART_INIT = 0x1,
- UART_PRINT = 0x2,
-} uart_fn_type_t;
-
/* enums to report test sub-state */
typedef enum {
VAL_STATUS_SUCCESS = 0x0,
@@ -203,6 +221,9 @@
VAL_STATUS_INVALID_SIZE = 0x26,
VAL_STATUS_DATA_MISMATCH = 0x27,
VAL_STATUS_BOOT_EXPECTED_BUT_FAILED = 0x28,
+ VAL_STATUS_INIT_ALREADY_DONE = 0x29,
+ VAL_STATUS_HEAP_NOT_AVAILABLE = 0x2A,
+ VAL_STATUS_ERROR_MAX = INT_MAX,
} val_status_t;
/* verbosity enums */
@@ -215,6 +236,14 @@
PRINT_ALWAYS = 9
} print_verbosity_t;
+/* Interrupt test function id enums */
+typedef enum {
+ TEST_PSA_EOI_WITH_NON_INTR_SIGNAL = 1,
+ TEST_PSA_EOI_WITH_MULTIPLE_SIGNALS = 2,
+ TEST_PSA_EOI_WITH_UNASSERTED_SIGNAL = 3,
+ TEST_INTR_SERVICE = 4,
+} test_intr_fn_id_t;
+
/* typedef's */
typedef struct {
boot_state_t state;
@@ -228,20 +257,6 @@
} test_count_t;
typedef struct {
- wd_fn_type_t wd_fn_type;
- addr_t wd_base_addr;
- uint32_t wd_time_us;
- uint32_t wd_timer_tick_us;
-} wd_param_t;
-
-typedef struct {
- nvmem_fn_type_t nvmem_fn_type;
- addr_t base;
- uint32_t offset;
- int size;
-} nvmem_param_t;
-
-typedef struct {
uint16_t test_num;
uint8_t block_num;
} test_info_t;
diff --git a/api-tests/val/common/val_client_defs.h b/api-tests/val/common/val_client_defs.h
index 714b7a6..db7825c 100644
--- a/api-tests/val/common/val_client_defs.h
+++ b/api-tests/val/common/val_client_defs.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,51 +18,15 @@
#ifndef _VAL_CLIENT_H_
#define _VAL_CLIENT_H_
-/****************** PSA Client API *****************/
-
-/* Note - This header file containts the declaration of PSA defined client API elements.
- * Ideally, These elements must be defined in a header file <psa_client.h> by SPM implemented
- * library and provided to clients operation in NSPE and SPE as per the specification.
- * If this is available in the platform, the elements declared as part of this
- * file can be overwritten by passing --include <path_to_psa_client_h> to setup.sh script.
- */
-
-#if PSA_IPC_IMPLEMENTED
-/* psa/client.h: Contains the Client API elements. Accessible to all applications */
-#include "psa/client.h"
-
-/* psa_manifest/sid.h: Macro definitions derived from manifest files that map from RoT Service
- * names to Service IDs (SIDs).
- * Partition manifest parse build tool must provide the implementation of this file.
-*/
-#include "psa_manifest/sid.h"
-
-#else
-
-#include "pal_sid.h"
#include "val.h"
-#define PSA_FRAMEWORK_VERSION (0x0100)
-#define PSA_VERSION_NONE (0)
-#define PSA_SUCCESS (0)
-#define PSA_CONNECTION_REFUSED (INT32_MIN + 1)
-#define PSA_CONNECTION_BUSY (INT32_MIN + 2)
-#define PSA_DROP_CONNECTION (INT32_MIN)
-#define PSA_NULL_HANDLE ((psa_handle_t)0)
-
-typedef int32_t psa_status_t;
-typedef int32_t psa_handle_t;
-
-typedef struct psa_invec {
- const void *base;
- size_t len;
-} psa_invec;
-
-typedef struct psa_outvec {
- void *base;
- size_t len;
-} psa_outvec;
-
-#endif /* #if PSA_IPC_IMPLEMENTED */
#define INVALID_SID 0x0000FA20
+
+#ifndef CLIENT_TEST_DISPATCHER_SID
+#define CLIENT_TEST_DISPATCHER_SID 0x0
+#endif
+
+#ifndef SERVER_TEST_DISPATCHER_SID
+#define SERVER_TEST_DISPATCHER_SID 0x0
+#endif
#endif /* _VAL_CLIENT_H_ */
diff --git a/api-tests/val/common/val_target.c b/api-tests/val/common/val_target.c
index bd40eb2..e3b2980 100644
--- a/api-tests/val/common/val_target.c
+++ b/api-tests/val/common/val_target.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,8 +18,17 @@
#include "val_target.h"
#include "target_database.h"
+#ifdef USE_RAW_PRINT_FOR_DRIVER_PARTITION
+#define val_print(x, y, z) \
+ do { \
+ if (x >= VERBOSE) \
+ val_print_sf(y,z); \
+ } while(0)
+#else
__UNUSED STATIC_DECLARE val_status_t val_print
(print_verbosity_t verbosity, char *string, uint32_t data);
+#endif
+
/**
@brief - Returns the base address of target configuration block database.
@param - blob : Populates the base address
diff --git a/api-tests/val/common/val_target.h b/api-tests/val/common/val_target.h
index 55d4556..c32f0a5 100644
--- a/api-tests/val/common/val_target.h
+++ b/api-tests/val/common/val_target.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -62,7 +62,10 @@
} soc_peripheral_cfg_id_t;
typedef enum _MEMORY_CONFIG_ID_ {
- MEMORY_NVMEM = 0x2
+ MEMORY_NVMEM = 0x2,
+ MEMORY_NSPE_MMIO = 0x3,
+ MEMORY_CLIENT_PARTITION_MMIO = 0x4,
+ MEMORY_DRIVER_PARTITION_MMIO = 0x5,
} memory_cfg_id_t;
typedef enum _MISCELLANEOUS_CONFIG_ID_ {
@@ -74,12 +77,15 @@
Assign group type to each system component
**/
typedef enum _COMPONENT_GROUPING_{
- UART = GROUP_SOC_PERIPHERAL,
- TIMER = GROUP_SOC_PERIPHERAL,
- WATCHDOG = GROUP_SOC_PERIPHERAL,
- NVMEM = GROUP_MEMORY,
- BOOT = GROUP_MISCELLANEOUS,
- DUT = GROUP_MISCELLANEOUS,
+ UART = GROUP_SOC_PERIPHERAL,
+ TIMER = GROUP_SOC_PERIPHERAL,
+ WATCHDOG = GROUP_SOC_PERIPHERAL,
+ NVMEM = GROUP_MEMORY,
+ NSPE_MMIO = GROUP_MEMORY,
+ CLIENT_PARTITION_MMIO = GROUP_MEMORY,
+ DRIVER_PARTITION_MMIO = GROUP_MEMORY,
+ BOOT = GROUP_MISCELLANEOUS,
+ DUT = GROUP_MISCELLANEOUS,
} comp_group_assign_t;
/**
@@ -169,6 +175,7 @@
uint32_t timeout_in_micro_sec_low;
uint32_t timeout_in_micro_sec_medium;
uint32_t timeout_in_micro_sec_high;
+ uint32_t timeout_in_micro_sec_crypto;
uint32_t num_of_tick_per_micro_sec;
dev_attr_t attribute;
} soc_peripheral_desc_t;
diff --git a/api-tests/val/nspe/pal_interfaces_ns.h b/api-tests/val/nspe/pal_interfaces_ns.h
index 4e3ba03..186a5fc 100644
--- a/api-tests/val/nspe/pal_interfaces_ns.h
+++ b/api-tests/val/nspe/pal_interfaces_ns.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -151,5 +151,37 @@
* valist : variable argument list
* @return - error status
**/
-uint32_t pal_crypto_function(int type, va_list valist);
+int32_t pal_crypto_function(int type, va_list valist);
+
+/**
+ * @brief - This API will call the requested internal trusted storage function
+ * @param - type : function code
+ * valist : variable argument list
+ * @return - error status
+**/
+uint32_t pal_its_function(int type, va_list valist);
+
+/**
+ * @brief - This API will call the requested protected storage function
+ * @param - type : function code
+ * valist : variable argument list
+ * @return - error status
+**/
+uint32_t pal_ps_function(int type, va_list valist);
+
+/**
+ * @brief - This API will call the requested attestation function
+ * @param - type : function code
+ * valist : variable argument list
+ * @return - error status
+**/
+int32_t pal_attestation_function(int type, va_list valist);
+
+/**
+ * @brief - Terminates the simulation at the end of all tests completion.
+ * By default, it put cpus into power down mode.
+ * @param - void
+ * @return - void
+**/
+void pal_terminate_simulation(void);
#endif
diff --git a/api-tests/val/nspe/val_attestation.c b/api-tests/val/nspe/val_attestation.c
new file mode 100644
index 0000000..cd8069a
--- /dev/null
+++ b/api-tests/val/nspe/val_attestation.c
@@ -0,0 +1,40 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_target.h"
+#include "pal_interfaces_ns.h"
+#include "val_framework.h"
+#include "val_client_defs.h"
+#include "val_attestation.h"
+
+/**
+ @brief - This API will call the requested attestation function
+ @param - type : function code
+ ... : variable number of arguments
+ @return - Error status
+**/
+
+int32_t val_attestation_function(int type, ...)
+{
+ va_list valist;
+ val_status_t status;
+
+ va_start(valist, type);
+ status = pal_attestation_function(type, valist);
+ va_end(valist);
+ return status;
+}
diff --git a/api-tests/val/nspe/val_attestation.h b/api-tests/val/nspe/val_attestation.h
new file mode 100644
index 0000000..172b94e
--- /dev/null
+++ b/api-tests/val/nspe/val_attestation.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _VAL_INITIAL_ATTESTATION_H_
+#define _VAL_INITIAL_ATTESTATION_H_
+
+#include "val.h"
+
+#define TOO_SMALL_TOKEN_BUFFER 16
+#define CHALLENGE_SIZE 16
+#define MAX_CHALLENGE_SIZE 64
+
+enum attestation_function_code {
+ VAL_INITIAL_ATTEST_GET_TOKEN = 0x1,
+};
+
+int32_t val_attestation_function(int type, ...);
+#endif /* _VAL_INITIAL_ATTESTATION_H_ */
diff --git a/api-tests/val/nspe/val_crypto.c b/api-tests/val/nspe/val_crypto.c
index 4f6e968..764b44a 100644
--- a/api-tests/val/nspe/val_crypto.c
+++ b/api-tests/val/nspe/val_crypto.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -27,7 +27,7 @@
... : variable number of arguments
@return - Error status
**/
-val_status_t val_crypto_function(int type, ...)
+int32_t val_crypto_function(int type, ...)
{
va_list valist;
val_status_t status;
@@ -37,17 +37,3 @@
va_end(valist);
return status;
}
-
-/**
- @brief - Checks if the key type is of raw bits
- @param - type : type of the key
- @return - True : If key type is raw bits
- False: If key type is not raw bits
-**/
-int32_t val_crypto_key_type_is_raw(psa_key_type_t type)
-{
- psa_key_type_t category = type & PSA_KEY_TYPE_CATEGORY_MASK;
-
- return (category == PSA_KEY_TYPE_RAW_DATA ||
- category == PSA_KEY_TYPE_CATEGORY_SYMMETRIC);
-}
diff --git a/api-tests/val/nspe/val_crypto.h b/api-tests/val/nspe/val_crypto.h
index 366bce7..6cb1b2f 100644
--- a/api-tests/val/nspe/val_crypto.h
+++ b/api-tests/val/nspe/val_crypto.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -19,15 +19,9 @@
#define _VAL_CRYPTO_H_
#include "val.h"
-#include <stdarg.h>
-
-#if PSA_IPC_IMPLEMENTED
-#include "psa/client.h"
-#else
-typedef int32_t psa_status_t;
-#endif
#define BYTES_TO_BITS(byte) (byte * 8)
+
/* Size */
#define AES_16B_KEY_SIZE 16
#define AES_24B_KEY_SIZE 24
@@ -37,11 +31,14 @@
#define DES_8B_KEY_SIZE 8
#define DES3_2KEY_SIZE 16
#define DES3_3KEY_SIZE 24
+#define SIZE_32B 32
+#define SIZE_50B 50
#define SIZE_128B 128
#define SIZE_256B 256
#define SIZE_512B 512
#define BUFFER_SIZE 1200
#define HASH_64B 64
+#define BUFFER_SIZE_HIGH 5130
/* Key Slot */
#define INVALID_KEY_SLOT 0xDEAD
@@ -49,181 +46,9 @@
#define OCCUPIED_KEY_SLOT 1
#define MAX_KEY_SLOT 32
-/* Key Type */
-#define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x50000001)
-#define PSA_KEY_TYPE_DERIVE ((psa_key_type_t)0x52000000)
-#define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x70000000)
-#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x40000000)
-#define PSA_KEY_TYPE_PAIR_FLAG ((psa_key_type_t)0x10000000)
-#define PSA_KEY_TYPE_AES ((psa_key_type_t)0x40000001)
-#define PSA_KEY_TYPE_DES ((psa_key_type_t)0x40000002)
-#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x60010000)
-#define PSA_KEY_TYPE_RSA_KEYPAIR ((psa_key_type_t)0x70010000)
-#define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t)0x80000000)
-#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x60030000)
-#define PSA_KEY_TYPE_ECC_KEYPAIR_BASE ((psa_key_type_t)0x70030000)
-#define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x0000ffff)
-
-/* Key Lifetime */
-#define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000)
-#define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001)
-#define PSA_KEY_LIFETIME_WRITE_ONCE ((psa_key_lifetime_t)0x7fffffff)
-#define PSA_KEY_LIFETIME_INVALID ((psa_key_lifetime_t)0xffffffff)
-
-/* Algorithm */
-#define PSA_ALG_BLOCK_CIPHER_PAD_NONE ((psa_algorithm_t)0x00000000)
-#define PSA_ALG_BLOCK_CIPHER_BASE ((psa_algorithm_t)0x04000000)
-#define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t)0x00000001)
-#define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t)0x00000100)
-#define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t)0x00000200)
-#define PSA_KEY_USAGE_SIGN ((psa_key_usage_t)0x00000400)
-#define PSA_KEY_USAGE_VERIFY ((psa_key_usage_t)0x00000800)
-#define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t)0x00001000)
-#define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t)0x10020000)
-#define PSA_ALG_ECDSA_BASE ((psa_algorithm_t)0x10060000)
-#define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x12000000)
-#define PSA_ALG_RSA_PKCS1V15_CRYPT ((psa_algorithm_t)0x12020000)
-#define PSA_ALG_HMAC_BASE ((psa_algorithm_t)0x02800000)
-#define PSA_ALG_CIPHER_MAC_BASE ((psa_algorithm_t)0x02c00000)
-#define PSA_ALG_CBC_MAC ((psa_algorithm_t)0x02c00001)
-#define PSA_ALG_CMAC ((psa_algorithm_t)0x02c00002)
-#define PSA_ALG_GMAC ((psa_algorithm_t)0x02c00003)
-#define PSA_ALG_CFB ((psa_algorithm_t)0x04c00002)
-#define PSA_ALG_CCM ((psa_algorithm_t)0x06001001)
-#define PSA_ALG_GCM ((psa_algorithm_t)0x06001002)
-#define PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA_ALG_RSA_PKCS1V15_SIGN_BASE
-#define PSA_ALG_HKDF_BASE ((psa_algorithm_t)0x30000100)
-#define PSA_KEY_USAGE_INVALID 0xFFFFFFFF
-#define PSA_ALG_INVALID 0xFFFFFFFF
-
-/* Hash Algorithm */
-#define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t)0x01000000)
-#define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff)
-#define PSA_ALG_MD2 ((psa_algorithm_t)0x01000001)
-#define PSA_ALG_MD4 ((psa_algorithm_t)0x01000002)
-#define PSA_ALG_MD5 ((psa_algorithm_t)0x01000003)
-#define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x01000004)
-#define PSA_ALG_SHA_1 ((psa_algorithm_t)0x01000005)
-#define PSA_ALG_SHA_224 ((psa_algorithm_t)0x01000008)
-#define PSA_ALG_SHA_256 ((psa_algorithm_t)0x01000009)
-#define PSA_ALG_SHA_384 ((psa_algorithm_t)0x0100000a)
-#define PSA_ALG_SHA_512 ((psa_algorithm_t)0x0100000b)
-#define PSA_ALG_SHA_512_224 ((psa_algorithm_t)0x0100000c)
-#define PSA_ALG_SHA_512_256 ((psa_algorithm_t)0x0100000d)
-#define PSA_ALG_SHA3_224 ((psa_algorithm_t)0x01000010)
-#define PSA_ALG_SHA3_256 ((psa_algorithm_t)0x01000011)
-#define PSA_ALG_SHA3_384 ((psa_algorithm_t)0x01000012)
-#define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x01000013)
-
-/* Error codes */
-#define PSA_ERROR_UNKNOWN_ERROR ((psa_status_t)1)
-#define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)2)
-#define PSA_ERROR_NOT_PERMITTED ((psa_status_t)3)
-#define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)4)
-#define PSA_ERROR_OCCUPIED_SLOT ((psa_status_t)5)
-#define PSA_ERROR_EMPTY_SLOT ((psa_status_t)6)
-#define PSA_ERROR_BAD_STATE ((psa_status_t)7)
-#define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)8)
-#define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)9)
-#define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)10)
-#define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)11)
-#define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)12)
-#define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)13)
-#define PSA_ERROR_TAMPERING_DETECTED ((psa_status_t)14)
-#define PSA_ERROR_INSUFFICIENT_ENTROPY ((psa_status_t)15)
-#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)16)
-#define PSA_ERROR_INVALID_PADDING ((psa_status_t)17)
-#define PSA_ERROR_INSUFFICIENT_CAPACITY ((psa_status_t)18)
-
-/* Encoding of curve identifiers */
-#define PSA_ECC_CURVE_SECT163K1 ((psa_ecc_curve_t) 0x0001)
-#define PSA_ECC_CURVE_SECT163R1 ((psa_ecc_curve_t) 0x0002)
-#define PSA_ECC_CURVE_SECT163R2 ((psa_ecc_curve_t) 0x0003)
-#define PSA_ECC_CURVE_SECT193R1 ((psa_ecc_curve_t) 0x0004)
-#define PSA_ECC_CURVE_SECT193R2 ((psa_ecc_curve_t) 0x0005)
-#define PSA_ECC_CURVE_SECT233K1 ((psa_ecc_curve_t) 0x0006)
-#define PSA_ECC_CURVE_SECT233R1 ((psa_ecc_curve_t) 0x0007)
-#define PSA_ECC_CURVE_SECT239K1 ((psa_ecc_curve_t) 0x0008)
-#define PSA_ECC_CURVE_SECT283K1 ((psa_ecc_curve_t) 0x0009)
-#define PSA_ECC_CURVE_SECT283R1 ((psa_ecc_curve_t) 0x000a)
-#define PSA_ECC_CURVE_SECT409K1 ((psa_ecc_curve_t) 0x000b)
-#define PSA_ECC_CURVE_SECT409R1 ((psa_ecc_curve_t) 0x000c)
-#define PSA_ECC_CURVE_SECT571K1 ((psa_ecc_curve_t) 0x000d)
-#define PSA_ECC_CURVE_SECT571R1 ((psa_ecc_curve_t) 0x000e)
-#define PSA_ECC_CURVE_SECP160K1 ((psa_ecc_curve_t) 0x000f)
-#define PSA_ECC_CURVE_SECP160R1 ((psa_ecc_curve_t) 0x0010)
-#define PSA_ECC_CURVE_SECP160R2 ((psa_ecc_curve_t) 0x0011)
-#define PSA_ECC_CURVE_SECP192K1 ((psa_ecc_curve_t) 0x0012)
-#define PSA_ECC_CURVE_SECP192R1 ((psa_ecc_curve_t) 0x0013)
-#define PSA_ECC_CURVE_SECP224K1 ((psa_ecc_curve_t) 0x0014)
-#define PSA_ECC_CURVE_SECP224R1 ((psa_ecc_curve_t) 0x0015)
-#define PSA_ECC_CURVE_SECP256K1 ((psa_ecc_curve_t) 0x0016)
-#define PSA_ECC_CURVE_SECP256R1 ((psa_ecc_curve_t) 0x0017)
-#define PSA_ECC_CURVE_SECP384R1 ((psa_ecc_curve_t) 0x0018)
-#define PSA_ECC_CURVE_SECP521R1 ((psa_ecc_curve_t) 0x0019)
-#define PSA_ECC_CURVE_BRAINPOOL_P256R1 ((psa_ecc_curve_t) 0x001a)
-#define PSA_ECC_CURVE_BRAINPOOL_P384R1 ((psa_ecc_curve_t) 0x001b)
-#define PSA_ECC_CURVE_BRAINPOOL_P512R1 ((psa_ecc_curve_t) 0x001c)
-#define PSA_ECC_CURVE_CURVE25519 ((psa_ecc_curve_t) 0x001d)
-#define PSA_ECC_CURVE_CURVE448 ((psa_ecc_curve_t) 0x001e)
-#define PSA_ECC_CURVE_FFDHE_2048 ((psa_ecc_curve_t) 0x0100)
-#define PSA_ECC_CURVE_FFDHE_3072 ((psa_ecc_curve_t) 0x0101)
-#define PSA_ECC_CURVE_FFDHE_4096 ((psa_ecc_curve_t) 0x0102)
-#define PSA_ECC_CURVE_FFDHE_6144 ((psa_ecc_curve_t) 0x0103)
-#define PSA_ECC_CURVE_FFDHE_8192 ((psa_ecc_curve_t) 0x0104)
-
-#define PSA_ALG_HMAC_HASH(hmac_alg) \
- (PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK))
-
-/* The size of the output hash */
-#define PSA_HASH_SIZE(alg) \
- ( \
- PSA_ALG_HMAC_HASH(alg) == PSA_ALG_MD2 ? 16 : \
- PSA_ALG_HMAC_HASH(alg) == PSA_ALG_MD4 ? 16 : \
- PSA_ALG_HMAC_HASH(alg) == PSA_ALG_MD5 ? 16 : \
- PSA_ALG_HMAC_HASH(alg) == PSA_ALG_RIPEMD160 ? 20 : \
- PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_1 ? 20 : \
- PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_224 ? 28 : \
- PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_256 ? 32 : \
- PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_384 ? 48 : \
- PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_512 ? 64 : \
- PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_512_224 ? 28 : \
- PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_512_256 ? 32 : \
- PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_224 ? 28 : \
- PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_256 ? 32 : \
- PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_384 ? 48 : \
- PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_512 ? 64 : \
- 0)
-
-/** The public key type corresponding to a key pair type. */
-#define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) \
- ((type) & ~PSA_KEY_TYPE_PAIR_FLAG)
-
-/** Whether a key type is an RSA key (pair or public-only). */
-#define PSA_KEY_TYPE_IS_RSA(type) \
- (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
-
-/** Whether a key type is an elliptic curve key (pair or public-only). */
-#define PSA_KEY_TYPE_IS_ECC(type) \
- ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) & \
- ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
-#define PSA_KEY_TYPE_IS_ECC_KEYPAIR(type) \
- (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \
- PSA_KEY_TYPE_ECC_KEYPAIR_BASE)
-#define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type) \
- (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \
- PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
-
-/*Macro to build an HMAC algorithm */
-#define PSA_ALG_HKDF(hash_alg) \
- (PSA_ALG_HKDF_BASE | ((hash_alg) & PSA_ALG_HASH_MASK))
-
-typedef uint16_t psa_ecc_curve_t;
-typedef uint32_t psa_key_usage_t;
-typedef uint32_t psa_algorithm_t;
-typedef uint32_t psa_key_type_t;
-typedef uint32_t psa_key_slot_t;
-typedef uint32_t psa_key_lifetime_t;
+#define PSA_KEY_LIFETIME_INVALID 0xFFFFFFFF
+#define PSA_KEY_USAGE_INVALID 0xFFFFFFFF
+#define PSA_ALG_INVALID 0xFFFFFFFF
enum crypto_function_code {
VAL_CRYPTO_INIT = 0x1,
@@ -241,7 +66,6 @@
VAL_CRYPTO_GET_KEY_POLICY = 0xD,
VAL_CRYPTO_GET_KEY_INFORMATION = 0xE,
VAL_CRYPTO_GET_KEY_LIFETIME = 0xF,
- VAL_CRYPTO_SET_KEY_LIFETIME = 0x10,
VAL_CRYPTO_HASH_SETUP = 0x11,
VAL_CRYPTO_HASH_UPDATE = 0x12,
VAL_CRYPTO_HASH_VERIFY = 0x13,
@@ -251,314 +75,31 @@
VAL_CRYPTO_GENERATOR_READ = 0x17,
VAL_CRYPTO_KEY_DERIVATION = 0x18,
VAL_CRYPTO_GET_GENERATOR_CAPACITY = 0x19,
- VAL_CRYPTO_GENERATOR_IMPORT_KEY = 0x20,
- VAL_CRYPTO_GENERATOR_ABORT = 0x21,
- VAL_CRYPTO_AEAD_ENCRYPT = 0x22,
- VAL_CRYPTO_MAC_SIGN_SETUP,
+ VAL_CRYPTO_GENERATOR_IMPORT_KEY = 0x1A,
+ VAL_CRYPTO_GENERATOR_ABORT = 0x1B,
+ VAL_CRYPTO_AEAD_ENCRYPT = 0x1C,
+ VAL_CRYPTO_AEAD_DECRYPT = 0x1D,
+ VAL_CRYPTO_MAC_SIGN_SETUP = 0x1E,
+ VAL_CRYPTO_MAC_UPDATE = 0x1F,
+ VAL_CRYPTO_MAC_SIGN_FINISH = 0x20,
+ VAL_CRYPTO_MAC_VERIFY_SETUP = 0x21,
+ VAL_CRYPTO_MAC_VERIFY_FINISH = 0x22,
+ VAL_CRYPTO_MAC_ABORT = 0x23,
+ VAL_CRYPTO_ASYMMTERIC_ENCRYPT = 0x24,
+ VAL_CRYPTO_ASYMMTERIC_DECRYPT = 0x25,
+ VAL_CRYPTO_CIPHER_ENCRYPT_SETUP = 0x26,
+ VAL_CRYPTO_CIPHER_DECRYPT_SETUP = 0x2A,
+ VAL_CRYPTO_CIPHER_GENERATE_IV = 0x2B,
+ VAL_CRYPTO_CIPHER_SET_IV = 0x2C,
+ VAL_CRYPTO_CIPHER_UPDATE = 0x2D,
+ VAL_CRYPTO_CIPHER_FINISH = 0x2E,
+ VAL_CRYPTO_CIPHER_ABORT = 0x2F,
+ VAL_CRYPTO_ASYMMTERIC_SIGN = 0x30,
+ VAL_CRYPTO_ASYMMTERIC_VERIFY = 0x31,
+ VAL_CRYPTO_KEY_AGREEMENT = 0x32,
+ VAL_CRYPTO_ALLOCATE_KEY = 0x33,
VAL_CRYPTO_FREE = 0xFE,
};
-struct psa_key_policy_s {
- psa_key_usage_t usage;
- psa_algorithm_t alg;
-};
-
-typedef struct {
- unsigned char cksum[16]; /*!< checksum of the data block */
- unsigned char state[48]; /*!< intermediate digest state */
- unsigned char buffer[16]; /*!< data block being processed */
- size_t left; /*!< amount of data in buffer */
-} mbedtls_md2_context;
-
-typedef struct {
- uint32_t total[2]; /*!< number of bytes processed */
- uint32_t state[4]; /*!< intermediate digest state */
- unsigned char buffer[64]; /*!< data block being processed */
-} mbedtls_md4_context;
-
-typedef struct {
- uint32_t total[2]; /*!< number of bytes processed */
- uint32_t state[4]; /*!< intermediate digest state */
- unsigned char buffer[64]; /*!< data block being processed */
-} mbedtls_md5_context;
-
-typedef struct {
- uint32_t total[2]; /*!< number of bytes processed */
- uint32_t state[5]; /*!< intermediate digest state */
- unsigned char buffer[64]; /*!< data block being processed */
-} mbedtls_ripemd160_context;
-
-typedef struct {
- uint32_t total[2]; /*!< The number of Bytes processed. */
- uint32_t state[5]; /*!< The intermediate digest state. */
- unsigned char buffer[64]; /*!< The data block being processed. */
-} mbedtls_sha1_context;
-
-typedef struct {
- uint32_t total[2]; /*!< The number of Bytes processed. */
- uint32_t state[8]; /*!< The intermediate digest state. */
- unsigned char buffer[64]; /*!< The data block being processed. */
- int is224; /*!< Determines which function to use:
- 0: Use SHA-256, or 1: Use SHA-224. */
-} mbedtls_sha256_context;
-
-typedef struct {
- uint64_t total[2]; /*!< The number of Bytes processed. */
- uint64_t state[8]; /*!< The intermediate digest state. */
- unsigned char buffer[128]; /*!< The data block being processed. */
- int is384; /*!< Determines which function to use:
- 0: Use SHA-512, or 1: Use SHA-384. */
-} mbedtls_sha512_context;
-
-typedef struct mbedtls_cipher_base_t mbedtls_cipher_base_t;
-
-/**
- * \brief Supported {cipher type, cipher mode} pairs.
- *
- * \warning RC4 and DES are considered weak ciphers and their use
- * constitutes a security risk. Arm recommends considering stronger
- * ciphers instead.
- */
-typedef enum {
- MBEDTLS_CIPHER_NONE = 0, /**< Placeholder to mark the end of cipher-pair lists. */
- MBEDTLS_CIPHER_NULL, /**< The identity stream cipher. */
- MBEDTLS_CIPHER_AES_128_ECB, /**< AES cipher with 128-bit ECB mode. */
- MBEDTLS_CIPHER_AES_192_ECB, /**< AES cipher with 192-bit ECB mode. */
- MBEDTLS_CIPHER_AES_256_ECB, /**< AES cipher with 256-bit ECB mode. */
- MBEDTLS_CIPHER_AES_128_CBC, /**< AES cipher with 128-bit CBC mode. */
- MBEDTLS_CIPHER_AES_192_CBC, /**< AES cipher with 192-bit CBC mode. */
- MBEDTLS_CIPHER_AES_256_CBC, /**< AES cipher with 256-bit CBC mode. */
- MBEDTLS_CIPHER_AES_128_CFB128, /**< AES cipher with 128-bit CFB128 mode. */
- MBEDTLS_CIPHER_AES_192_CFB128, /**< AES cipher with 192-bit CFB128 mode. */
- MBEDTLS_CIPHER_AES_256_CFB128, /**< AES cipher with 256-bit CFB128 mode. */
- MBEDTLS_CIPHER_AES_128_CTR, /**< AES cipher with 128-bit CTR mode. */
- MBEDTLS_CIPHER_AES_192_CTR, /**< AES cipher with 192-bit CTR mode. */
- MBEDTLS_CIPHER_AES_256_CTR, /**< AES cipher with 256-bit CTR mode. */
- MBEDTLS_CIPHER_AES_128_GCM, /**< AES cipher with 128-bit GCM mode. */
- MBEDTLS_CIPHER_AES_192_GCM, /**< AES cipher with 192-bit GCM mode. */
- MBEDTLS_CIPHER_AES_256_GCM, /**< AES cipher with 256-bit GCM mode. */
- MBEDTLS_CIPHER_CAMELLIA_128_ECB, /**< Camellia cipher with 128-bit ECB mode. */
- MBEDTLS_CIPHER_CAMELLIA_192_ECB, /**< Camellia cipher with 192-bit ECB mode. */
- MBEDTLS_CIPHER_CAMELLIA_256_ECB, /**< Camellia cipher with 256-bit ECB mode. */
- MBEDTLS_CIPHER_CAMELLIA_128_CBC, /**< Camellia cipher with 128-bit CBC mode. */
- MBEDTLS_CIPHER_CAMELLIA_192_CBC, /**< Camellia cipher with 192-bit CBC mode. */
- MBEDTLS_CIPHER_CAMELLIA_256_CBC, /**< Camellia cipher with 256-bit CBC mode. */
- MBEDTLS_CIPHER_CAMELLIA_128_CFB128, /**< Camellia cipher with 128-bit CFB128 mode. */
- MBEDTLS_CIPHER_CAMELLIA_192_CFB128, /**< Camellia cipher with 192-bit CFB128 mode. */
- MBEDTLS_CIPHER_CAMELLIA_256_CFB128, /**< Camellia cipher with 256-bit CFB128 mode. */
- MBEDTLS_CIPHER_CAMELLIA_128_CTR, /**< Camellia cipher with 128-bit CTR mode. */
- MBEDTLS_CIPHER_CAMELLIA_192_CTR, /**< Camellia cipher with 192-bit CTR mode. */
- MBEDTLS_CIPHER_CAMELLIA_256_CTR, /**< Camellia cipher with 256-bit CTR mode. */
- MBEDTLS_CIPHER_CAMELLIA_128_GCM, /**< Camellia cipher with 128-bit GCM mode. */
- MBEDTLS_CIPHER_CAMELLIA_192_GCM, /**< Camellia cipher with 192-bit GCM mode. */
- MBEDTLS_CIPHER_CAMELLIA_256_GCM, /**< Camellia cipher with 256-bit GCM mode. */
- MBEDTLS_CIPHER_DES_ECB, /**< DES cipher with ECB mode. */
- MBEDTLS_CIPHER_DES_CBC, /**< DES cipher with CBC mode. */
- MBEDTLS_CIPHER_DES_EDE_ECB, /**< DES cipher with EDE ECB mode. */
- MBEDTLS_CIPHER_DES_EDE_CBC, /**< DES cipher with EDE CBC mode. */
- MBEDTLS_CIPHER_DES_EDE3_ECB, /**< DES cipher with EDE3 ECB mode. */
- MBEDTLS_CIPHER_DES_EDE3_CBC, /**< DES cipher with EDE3 CBC mode. */
- MBEDTLS_CIPHER_BLOWFISH_ECB, /**< Blowfish cipher with ECB mode. */
- MBEDTLS_CIPHER_BLOWFISH_CBC, /**< Blowfish cipher with CBC mode. */
- MBEDTLS_CIPHER_BLOWFISH_CFB64, /**< Blowfish cipher with CFB64 mode. */
- MBEDTLS_CIPHER_BLOWFISH_CTR, /**< Blowfish cipher with CTR mode. */
- MBEDTLS_CIPHER_ARC4_128, /**< RC4 cipher with 128-bit mode. */
- MBEDTLS_CIPHER_AES_128_CCM, /**< AES cipher with 128-bit CCM mode. */
- MBEDTLS_CIPHER_AES_192_CCM, /**< AES cipher with 192-bit CCM mode. */
- MBEDTLS_CIPHER_AES_256_CCM, /**< AES cipher with 256-bit CCM mode. */
- MBEDTLS_CIPHER_CAMELLIA_128_CCM, /**< Camellia cipher with 128-bit CCM mode. */
- MBEDTLS_CIPHER_CAMELLIA_192_CCM, /**< Camellia cipher with 192-bit CCM mode. */
- MBEDTLS_CIPHER_CAMELLIA_256_CCM, /**< Camellia cipher with 256-bit CCM mode. */
-} mbedtls_cipher_type_t;
-
-/** Supported cipher modes. */
-typedef enum {
- MBEDTLS_MODE_NONE = 0, /**< None. */
- MBEDTLS_MODE_ECB, /**< The ECB cipher mode. */
- MBEDTLS_MODE_CBC, /**< The CBC cipher mode. */
- MBEDTLS_MODE_CFB, /**< The CFB cipher mode. */
- MBEDTLS_MODE_OFB, /**< The OFB cipher mode - unsupported. */
- MBEDTLS_MODE_CTR, /**< The CTR cipher mode. */
- MBEDTLS_MODE_GCM, /**< The GCM cipher mode. */
- MBEDTLS_MODE_STREAM, /**< The stream cipher mode. */
- MBEDTLS_MODE_CCM, /**< The CCM cipher mode. */
-} mbedtls_cipher_mode_t;
-
-struct psa_hash_operation_s {
- psa_algorithm_t alg;
- union
- {
- unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
- mbedtls_md2_context md2;
- mbedtls_md4_context md4;
- mbedtls_md5_context md5;
- mbedtls_ripemd160_context ripemd160;
- mbedtls_sha1_context sha1;
- mbedtls_sha256_context sha256;
- mbedtls_sha512_context sha512;
- } ctx;
-};
-
-typedef struct {
- /** Full cipher identifier. For example,
- * MBEDTLS_CIPHER_AES_256_CBC.
- */
- mbedtls_cipher_type_t type;
-
- /** The cipher mode. For example, MBEDTLS_MODE_CBC. */
- mbedtls_cipher_mode_t mode;
-
- /** The cipher key length, in bits. This is the
- * default length for variable sized ciphers.
- * Includes parity bits for ciphers like DES.
- */
- unsigned int key_bitlen;
-
- /** Name of the cipher. */
- const char *name;
-
- /** IV or nonce size, in Bytes.
- * For ciphers that accept variable IV sizes,
- * this is the recommended size.
- */
- unsigned int iv_size;
-
- /** Bitflag comprised of MBEDTLS_CIPHER_VARIABLE_IV_LEN and
- * MBEDTLS_CIPHER_VARIABLE_KEY_LEN indicating whether the
- * cipher supports variable IV or variable key sizes, respectively.
- */
- int flags;
-
- /** The block size, in Bytes. */
- unsigned int block_size;
-
- /** Struct for base cipher information and functions. */
- const mbedtls_cipher_base_t *base;
-
-} mbedtls_cipher_info_t;
-
-/** Type of operation. */
-typedef enum {
- MBEDTLS_OPERATION_NONE = -1,
- MBEDTLS_DECRYPT = 0,
- MBEDTLS_ENCRYPT,
-} mbedtls_operation_t;
-
-/** Maximum length of any IV, in Bytes. */
-#define MBEDTLS_MAX_IV_LENGTH 16
-/** Maximum block size of any cipher, in Bytes. */
-#define MBEDTLS_MAX_BLOCK_LENGTH 16
-
-#if defined(MBEDTLS_SHA512_C)
-#define PSA_HASH_MAX_SIZE 64
-#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 128
-#else
-#define PSA_HASH_MAX_SIZE 32
-#define PSA_HMAC_MAX_HASH_BLOCK_SIZE 64
-#endif
-
-/**
- * Generic cipher context.
- */
-typedef struct {
- /** Information about the associated cipher. */
- const mbedtls_cipher_info_t *cipher_info;
-
- /** Key length to use. */
- int key_bitlen;
-
- /** Operation that the key of the context has been
- * initialized for.
- */
- mbedtls_operation_t operation;
-
-#if defined(MBEDTLS_CIPHER_MODE_WITH_PADDING)
- /** Padding functions to use, if relevant for
- * the specific cipher mode.
- */
- void (*add_padding)(unsigned char *output, size_t olen, size_t data_len);
- int (*get_padding)(unsigned char *input, size_t ilen, size_t *data_len);
-#endif
-
- /** Buffer for input that has not been processed yet. */
- unsigned char unprocessed_data[MBEDTLS_MAX_BLOCK_LENGTH];
-
- /** Number of Bytes that have not been processed yet. */
- size_t unprocessed_len;
-
- /** Current IV or NONCE_COUNTER for CTR-mode. */
- unsigned char iv[MBEDTLS_MAX_IV_LENGTH];
-
- /** IV size in Bytes, for ciphers with variable-length IVs. */
- size_t iv_size;
-
- /** The cipher-specific context. */
- void *cipher_ctx;
-
-#if defined(MBEDTLS_CMAC_C)
- /** CMAC-specific context. */
- mbedtls_cmac_context_t *cmac_ctx;
-#endif
-} mbedtls_cipher_context_t;
-
-typedef struct {
- /** The hash context. */
- struct psa_hash_operation_s hash_ctx;
- /** The HMAC part of the context. */
- uint8_t opad[PSA_HMAC_MAX_HASH_BLOCK_SIZE];
-} psa_hmac_internal_data;
-
-struct psa_mac_operation_s {
- psa_algorithm_t alg;
- unsigned int key_set : 1;
- unsigned int iv_required : 1;
- unsigned int iv_set : 1;
- unsigned int has_input : 1;
- unsigned int is_sign : 1;
- uint8_t mac_size;
- union {
- unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
-#if defined(MBEDTLS_MD_C)
- psa_hmac_internal_data hmac;
-#endif
-#if defined(MBEDTLS_CMAC_C)
- mbedtls_cipher_context_t cmac;
-#endif
- } ctx;
-};
-
-typedef struct {
- uint8_t *info;
- size_t info_length;
- psa_hmac_internal_data hmac;
- uint8_t prk[PSA_HASH_MAX_SIZE];
- uint8_t output_block[PSA_HASH_MAX_SIZE];
-#if PSA_HASH_MAX_SIZE > 0xff
-#error "PSA_HASH_MAX_SIZE does not fit in uint8_t"
-#endif
- uint8_t offset_in_block;
- uint8_t block_number;
-} psa_hkdf_generator_t;
-
-struct psa_crypto_generator_s {
- psa_algorithm_t alg;
- size_t capacity;
- union {
- struct {
- uint8_t *data;
- size_t size;
- } buffer;
-#if defined(MBEDTLS_MD_C)
- psa_hkdf_generator_t hkdf;
-#endif
- } ctx;
-};
-
-typedef struct psa_hash_operation_s psa_hash_operation_t;
-typedef struct psa_key_policy_s psa_key_policy_t;
-typedef struct psa_mac_operation_s psa_mac_operation_t;
-typedef struct psa_crypto_generator_s psa_crypto_generator_t;
-
-val_status_t val_crypto_function(int type, ...);
-int32_t val_crypto_key_type_is_raw(psa_key_type_t type);
+int32_t val_crypto_function(int type, ...);
#endif /* _VAL_CRYPTO_H_ */
diff --git a/api-tests/val/nspe/val_dispatcher.c b/api-tests/val/nspe/val_dispatcher.c
index bfa74bb..29c72dc 100644
--- a/api-tests/val/nspe/val_dispatcher.c
+++ b/api-tests/val/nspe/val_dispatcher.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -164,7 +164,7 @@
if (test_header.start_marker == VAL_TEST_END_MARKER)
{
- val_print(PRINT_ERROR, "\n\nNo more valid tests found. Exiting..", 0);
+ val_print(PRINT_DEBUG, "\n\nNo more valid tests found. Exiting..", 0);
*test_id = VAL_INVALID_TEST_ID;
return VAL_STATUS_SUCCESS;
}
@@ -194,14 +194,14 @@
if (test_header.start_marker == VAL_TEST_END_MARKER)
{
- val_print(PRINT_ERROR, "\n\nNo more valid tests found. Exiting.", 0);
+ val_print(PRINT_DEBUG, "\n\nNo more valid tests found. Exiting.", 0);
*test_id = VAL_INVALID_TEST_ID;
return VAL_STATUS_SUCCESS;
}
if (test_header.start_marker != VAL_TEST_START_MARKER)
{
- val_print(PRINT_ERROR, "\n\nNo valid test binary found. Exiting.", 0);
+ val_print(PRINT_ERROR, "\n\nError: No valid test binary found. Exiting.", 0);
*test_id = VAL_INVALID_TEST_ID;
return VAL_STATUS_LOAD_ERROR;
}
@@ -293,11 +293,17 @@
switch (VAL_GET_COMP_NUM(test_id))
{
case VAL_FF_BASE:
- return "\nRunning... IPC Suite";
+ return "IPC Suite";
case VAL_CRYPTO_BASE:
- return "\nRunning... Crypto Suite";
+ return "Crypto Suite";
+ case VAL_PROTECTED_STORAGE_BASE:
+ return "Protected Storage Suite";
+ case VAL_INTERNAL_TRUSTED_STORAGE_BASE:
+ return "Internal Trusted Storage Suite";
+ case VAL_INITIAL_ATTESTATION_BASE:
+ return "Attestation Suite";
default:
- return "No Component";
+ return "Unknown Suite";
}
}
@@ -334,7 +340,7 @@
status = val_get_boot_flag(&boot.state);
if (VAL_ERROR(status))
{
- break;
+ return;
}
/* Did last run test hang and system re-booted due to watchdog timeout and
@@ -348,6 +354,7 @@
if (VAL_ERROR(status))
{
val_print(PRINT_ERROR, "\n\tNVMEM read error", 0);
+ return;
}
}
/* Did last run test hang and system reset due to watchdog timeout but
@@ -363,13 +370,18 @@
if (VAL_ERROR(status))
{
val_print(PRINT_ERROR, "\n\tNVMEM read error", 0);
+ return;
}
}
else
{
status = val_test_load(&test_id, test_id_prev);
- if (test_id == VAL_INVALID_TEST_ID || VAL_ERROR(status))
+ if (VAL_ERROR(status))
+ {
+ return;
+ }
+ else if (test_id == VAL_INVALID_TEST_ID)
{
break;
}
@@ -379,11 +391,12 @@
if (VAL_ERROR(status))
{
val_print(PRINT_ERROR, "\n\tNVMEM write error", 0);
- break;
+ return;
}
if (VAL_GET_COMP_NUM(test_id_prev) != VAL_GET_COMP_NUM(test_id))
{
+ val_print(PRINT_ALWAYS, "\nRunning.. ", 0);
val_print(PRINT_ALWAYS, val_get_comp_name(test_id), 0);
val_print(PRINT_ALWAYS, "\n******************************************\n", 0);
}
@@ -394,7 +407,7 @@
status = val_set_boot_flag(BOOT_NOT_EXPECTED);
if (VAL_ERROR(status))
{
- break;
+ return;
}
}
val_execute_test_fn();
@@ -406,7 +419,7 @@
status = val_set_boot_flag(BOOT_UNKNOWN);
if (VAL_ERROR(status))
{
- break;
+ return;
}
/* Prepare suite summary data structure */
@@ -414,7 +427,7 @@
if (VAL_ERROR(status))
{
val_print(PRINT_ERROR, "\n\tNVMEM read error", 0);
- break;
+ return;
}
switch (test_result)
@@ -437,7 +450,7 @@
if (VAL_ERROR(status))
{
val_print(PRINT_ERROR, "\n\tNVMEM write error", 0);
- break;
+ return;
}
test_id_prev = test_id;
@@ -446,7 +459,7 @@
if (VAL_ERROR(status))
{
val_print(PRINT_ERROR, "\n\tNVMEM write error", 0);
- break;
+ return;
}
} while(1);
@@ -458,14 +471,16 @@
return;
}
- val_print(PRINT_ALWAYS, "\n\n************ REGRESSION SUMMARY **********\n", 0);
+ val_print(PRINT_ALWAYS, "\n************ ", 0);
+ val_print(PRINT_ALWAYS, val_get_comp_name(test_id_prev), 0);
+ val_print(PRINT_ALWAYS, " Report **********\n", 0);
val_print(PRINT_ALWAYS, "TOTAL TESTS : %d\n", test_count.pass_cnt + test_count.fail_cnt
+ test_count.skip_cnt + test_count.sim_error_cnt);
val_print(PRINT_ALWAYS, "TOTAL PASSED : %d\n", test_count.pass_cnt);
val_print(PRINT_ALWAYS, "TOTAL SIM ERROR : %d\n", test_count.sim_error_cnt);
val_print(PRINT_ALWAYS, "TOTAL FAILED : %d\n", test_count.fail_cnt);
val_print(PRINT_ALWAYS, "TOTAL SKIPPED : %d\n", test_count.skip_cnt);
- val_print(PRINT_ALWAYS, "\n******************************************\n", 0);
+ val_print(PRINT_ALWAYS, "******************************************\n", 0);
}
diff --git a/api-tests/val/nspe/val_entry.c b/api-tests/val/nspe/val_entry.c
index 616af07..cff5ded 100644
--- a/api-tests/val/nspe/val_entry.c
+++ b/api-tests/val/nspe/val_entry.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -42,7 +42,8 @@
/* Compliance header print */
if (test_id == VAL_INVALID_TEST_ID)
{
- val_print(PRINT_ALWAYS, "\n***** PSA Compliance Suite - Version %d.", PSA_ACS_MAJOR_VER);
+ val_print(PRINT_ALWAYS, "\n***** PSA Architecture Test Suite - Version %d.",
+ PSA_ACS_MAJOR_VER);
val_print(PRINT_ALWAYS, "%d *****\n", PSA_ACS_MINOR_VER);
}
@@ -50,9 +51,7 @@
val_dispatcher(test_id);
exit:
- val_print(PRINT_ALWAYS, "\n\nEntering standby\n", 0);
- while(1)
- {
- asm volatile("WFI");
- }
+ val_print(PRINT_ALWAYS, "\nEntering standby.. \n", 0);
+
+ pal_terminate_simulation();
}
diff --git a/api-tests/val/nspe/val_entry.h b/api-tests/val/nspe/val_entry.h
index 0293113..4903457 100644
--- a/api-tests/val/nspe/val_entry.h
+++ b/api-tests/val/nspe/val_entry.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -21,10 +21,10 @@
#include "val_framework.h"
#define PSA_ACS_MAJOR_VER 0
-#define PSA_ACS_MINOR_VER 5
+#define PSA_ACS_MINOR_VER 7
/**
- @brief - PSA C main function, does VAL init and calls test dispatcher
+ @brief - PSA Test Suite C main function, does VAL init and calls test dispatcher
@param - None
@return - void
**/
diff --git a/api-tests/val/nspe/val_framework.c b/api-tests/val/nspe/val_framework.c
index 0248adc..bbd459e 100644
--- a/api-tests/val/nspe/val_framework.c
+++ b/api-tests/val/nspe/val_framework.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -113,7 +113,7 @@
if (boot.state == BOOT_NOT_EXPECTED || boot.state == BOOT_EXPECTED_CRYPTO)
{
- val_print(PRINT_TEST,"[Info] Executing tests form non-secure\n", 0);
+ val_print(PRINT_TEST,"[Info] Executing tests from non-secure\n", 0);
while (tests_list[i] != NULL)
{
if (server_hs == TRUE)
@@ -125,7 +125,7 @@
if (VAL_ERROR(status))
{
val_set_status(RESULT_FAIL(status));
- val_print(PRINT_ERROR,"[Check%d] START\n", i);
+ val_print(PRINT_DEBUG,"[Check%d] START\n", i);
return status;
}
else
@@ -144,18 +144,27 @@
}
status = test_status ? test_status:status;
- if (VAL_ERROR(status))
+ if (IS_TEST_SKIP(status))
+ {
+ val_set_status(status);
+ if (server_hs == TRUE)
+ val_print(PRINT_DEBUG, "[Check%d] SKIPPED\n", i);
+ return status;
+ }
+ else if (VAL_ERROR(status))
{
val_set_status(RESULT_FAIL(status));
if (server_hs == TRUE)
- val_print(PRINT_ERROR,"[Check%d] FAILED\n", i);
+ val_print(PRINT_DEBUG, "[Check%d] FAILED\n", i);
+
return status;
}
else
{
if (server_hs == TRUE)
- val_print(PRINT_DEBUG,"[Check%d] PASSED\n", i);
+ val_print(PRINT_DEBUG, "[Check%d] PASSED\n", i);
}
+
i++;
}
}
@@ -165,7 +174,7 @@
status = VAL_STATUS_SUCCESS;
if (boot.state != BOOT_EXPECTED_S)
{
- val_print(PRINT_DEBUG,"[Check1] PASSED\n", 0);
+ val_print(PRINT_DEBUG, "[Check1] PASSED\n", 0);
}
}
return status;
@@ -210,6 +219,11 @@
/* Retrive secure client test status */
status = val_get_secure_test_result(&handle);
+ if (IS_TEST_SKIP(status))
+ {
+ val_set_status(status);
+ return status;
+ }
if (VAL_ERROR(status))
{
goto exit;
@@ -219,7 +233,7 @@
else
{
/* If we are here means, we are in third run of this test */
- val_print(PRINT_DEBUG,"[Check1] PASSED\n", 0);
+ val_print(PRINT_DEBUG, "[Check1] PASSED\n", 0);
return VAL_STATUS_SUCCESS;
}
@@ -245,7 +259,6 @@
psa_status_t status_of_call = PSA_SUCCESS;
*handle = pal_ipc_connect(sid, 0);
-
if (*handle < 0)
{
val_print(PRINT_ERROR, "Could not connect SID. Handle=%x\n", *handle);
@@ -257,13 +270,13 @@
psa_invec data[1] = {{&test_data, sizeof(test_data)}};
status_of_call = pal_ipc_call(*handle, data, 1, NULL, 0);
-
if (status_of_call != PSA_SUCCESS)
{
status = VAL_STATUS_CALL_FAILED;
val_print(PRINT_ERROR, "Call to dispatch SF failed. Status=%x\n", status_of_call);
pal_ipc_close(*handle);
}
+
return status;
}
@@ -328,6 +341,7 @@
break;
case TEST_SKIP:
+ state = TEST_SKIP;
val_print(PRINT_ALWAYS, "TEST RESULT: SKIPPED (Skip Code=0x%x)\n", status);
break;
@@ -429,6 +443,7 @@
(uint32_t *)sizeof(miscellaneous_desc_t));
if (VAL_ERROR(status))
{
+ val_print(PRINT_ERROR, "val_target_get_config failed Error=0x%x\n", status);
return;
}
@@ -468,14 +483,19 @@
void val_test_exit(void)
{
- val_wd_timer_disable();
+ val_status_t status;
+ val_wd_timer_disable();
+ status = val_get_status();
/* return if test skipped or failed */
- if (IS_TEST_SKIP(val_get_status()) || IS_TEST_FAIL(val_get_status()))
+ if (IS_TEST_FAIL(status) || IS_TEST_SKIP(status))
{
- return;
+ return;
}
- val_set_status(RESULT_END(VAL_STATUS_SUCCESS));
+ else
+ {
+ val_set_status(RESULT_END(VAL_STATUS_SUCCESS));
+ }
}
/**
diff --git a/api-tests/val/nspe/val_interfaces.c b/api-tests/val/nspe/val_interfaces.c
index 36ad173..719f4b0 100644
--- a/api-tests/val/nspe/val_interfaces.c
+++ b/api-tests/val/nspe/val_interfaces.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -21,6 +21,9 @@
#include "val_peripherals.h"
#include "val_target.h"
#include "val_crypto.h"
+#include "val_internal_trusted_storage.h"
+#include "val_protected_storage.h"
+#include "val_attestation.h"
/*VAL APIs to be used by test */
const val_api_t val_api = {
@@ -43,10 +46,13 @@
.wd_timer_init = val_wd_timer_init,
.wd_timer_enable = val_wd_timer_enable,
.wd_timer_disable = val_wd_timer_disable,
+ .wd_reprogram_timer = val_wd_reprogram_timer,
.set_boot_flag = val_set_boot_flag,
.get_boot_flag = val_get_boot_flag,
.crypto_function = val_crypto_function,
- .crypto_key_type_is_raw = val_crypto_key_type_is_raw,
+ .its_function = val_its_function,
+ .ps_function = val_ps_function,
+ .attestation_function = val_attestation_function,
};
const psa_api_t psa_api = {
diff --git a/api-tests/val/nspe/val_interfaces.h b/api-tests/val/nspe/val_interfaces.h
index ce9b3a1..b41aab1 100644
--- a/api-tests/val/nspe/val_interfaces.h
+++ b/api-tests/val/nspe/val_interfaces.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -50,10 +50,13 @@
val_status_t (*wd_timer_init) (wd_timeout_type_t timeout_type);
val_status_t (*wd_timer_enable) (void);
val_status_t (*wd_timer_disable) (void);
+ val_status_t (*wd_reprogram_timer) (wd_timeout_type_t timeout_type);
val_status_t (*set_boot_flag) (boot_state_t state);
val_status_t (*get_boot_flag) (boot_state_t *state);
- val_status_t (*crypto_function) (int type, ...);
- int32_t (*crypto_key_type_is_raw) (uint32_t type);
+ int32_t (*crypto_function) (int type, ...);
+ uint32_t (*its_function) (int type, ...);
+ uint32_t (*ps_function) (int type, ...);
+ int32_t (*attestation_function) (int type, ...);
} val_api_t;
typedef struct {
@@ -66,7 +69,7 @@
psa_outvec *out_vec,
size_t out_len
);
- void (*close) (psa_handle_t handle);
+ void (*close) (psa_handle_t handle);
} psa_api_t;
typedef void (*test_fptr_t)(val_api_t *val, psa_api_t *psa);
@@ -77,7 +80,6 @@
} val_test_info_t;
#include "test_entry_fn_declare_list.inc"
-void test_entry(val_api_t *val, psa_api_t *psa);
-void test_payload(val_api_t *val, psa_api_t *psa);
+void test_entry(val_api_t *val, psa_api_t *psa);
#endif
diff --git a/api-tests/val/nspe/val_internal_trusted_storage.c b/api-tests/val/nspe/val_internal_trusted_storage.c
new file mode 100644
index 0000000..e79e9c0
--- /dev/null
+++ b/api-tests/val/nspe/val_internal_trusted_storage.c
@@ -0,0 +1,39 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_target.h"
+#include "pal_interfaces_ns.h"
+#include "val_framework.h"
+#include "val_client_defs.h"
+#include "val_internal_trusted_storage.h"
+
+/**
+ @brief - This API will call the requested internal trusted storage function
+ @param - type : function code
+ ... : variable number of arguments
+ @return - Error status
+**/
+uint32_t val_its_function(int type, ...)
+{
+ va_list valist;
+ uint32_t status;
+
+ va_start(valist, type);
+ status = pal_its_function(type, valist);
+ va_end(valist);
+ return status;
+}
diff --git a/api-tests/val/nspe/val_internal_trusted_storage.h b/api-tests/val/nspe/val_internal_trusted_storage.h
new file mode 100644
index 0000000..e74a701
--- /dev/null
+++ b/api-tests/val/nspe/val_internal_trusted_storage.h
@@ -0,0 +1,35 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _VAL_INTERNAL_TRUSTED_STORAGE_H_
+#define _VAL_INTERNAL_TRUSTED_STORAGE_H_
+
+#include "val.h"
+
+#define UID_BASE_VALUE 0
+#define UID_MAX_VALUE 15
+#define BYTES_TO_BITS(byte) (byte * 8)
+
+enum its_function_code {
+ VAL_ITS_SET = 0x1,
+ VAL_ITS_GET = 0x2,
+ VAL_ITS_GET_INFO = 0x3,
+ VAL_ITS_REMOVE = 0x4,
+};
+
+uint32_t val_its_function(int type, ...);
+#endif /* _VAL_INTERNAL_TRUSTED_STORAGE_H_ */
diff --git a/api-tests/val/nspe/val_peripherals.c b/api-tests/val/nspe/val_peripherals.c
index 1ac33c6..9f153e0 100644
--- a/api-tests/val/nspe/val_peripherals.c
+++ b/api-tests/val/nspe/val_peripherals.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -100,7 +100,11 @@
return status;
}
- if (timeout_type == WD_LOW_TIMEOUT)
+ if (timeout_type == WD_CRYPTO_TIMEOUT)
+ {
+ time_us = soc_per_desc->timeout_in_micro_sec_crypto;
+ }
+ else if (timeout_type == WD_LOW_TIMEOUT)
{
time_us = soc_per_desc->timeout_in_micro_sec_low;
}
@@ -162,6 +166,31 @@
return pal_wd_timer_disable_ns(soc_per_desc->base);
}
+val_status_t val_wd_reprogram_timer(wd_timeout_type_t timeout_type)
+{
+ val_status_t status = VAL_STATUS_SUCCESS;
+
+ /* Disable watchdog Timer */
+ val_wd_timer_disable();
+
+ /* Initialise watchdog */
+ status = val_wd_timer_init(timeout_type);
+ if (VAL_ERROR(status))
+ {
+ return status;
+ }
+
+ /* Enable watchdog Timer */
+ status = val_wd_timer_enable();
+ if (VAL_ERROR(status))
+ {
+ return status;
+ }
+
+ return status;
+}
+
+
/*
@brief - Reads 'size' bytes from Non-volatile memory at a given. This is client interface
API of secure partition val_nvmem_read_sf API for nspe world.
diff --git a/api-tests/val/nspe/val_peripherals.h b/api-tests/val/nspe/val_peripherals.h
index 86147c1..dfea143 100644
--- a/api-tests/val/nspe/val_peripherals.h
+++ b/api-tests/val/nspe/val_peripherals.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -28,4 +28,5 @@
val_status_t val_wd_timer_init(wd_timeout_type_t timeout_type);
val_status_t val_wd_timer_enable(void);
val_status_t val_wd_timer_disable(void);
+val_status_t val_wd_reprogram_timer(wd_timeout_type_t timeout_type);
#endif
diff --git a/api-tests/val/nspe/val_protected_storage.c b/api-tests/val/nspe/val_protected_storage.c
new file mode 100644
index 0000000..06c1f50
--- /dev/null
+++ b/api-tests/val/nspe/val_protected_storage.c
@@ -0,0 +1,39 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_target.h"
+#include "pal_interfaces_ns.h"
+#include "val_framework.h"
+#include "val_client_defs.h"
+#include "val_protected_storage.h"
+
+/**
+ @brief - This API will call the requested protected storage function
+ @param - type : function code
+ ... : variable number of arguments
+ @return - Error status
+**/
+uint32_t val_ps_function(int type, ...)
+{
+ va_list valist;
+ uint32_t status;
+
+ va_start(valist, type);
+ status = pal_ps_function(type, valist);
+ va_end(valist);
+ return status;
+}
diff --git a/api-tests/val/nspe/val_protected_storage.h b/api-tests/val/nspe/val_protected_storage.h
new file mode 100644
index 0000000..5d2df21
--- /dev/null
+++ b/api-tests/val/nspe/val_protected_storage.h
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2019, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _VAL_PROTECTED_STORAGE_H_
+#define _VAL_PROTECTED_STORAGE_H_
+
+#include "val.h"
+
+#define UID_BASE_VALUE 0
+#define UID_MAX_VALUE 15
+#define BYTES_TO_BITS(byte) (byte * 8)
+
+enum ps_function_code {
+ VAL_PS_SET = 0x1,
+ VAL_PS_GET = 0x2,
+ VAL_PS_GET_INFO = 0x3,
+ VAL_PS_REMOVE = 0x4,
+ VAL_PS_CREATE = 0x5,
+ VAL_PS_SET_EXTENDED = 0x6,
+};
+
+uint32_t val_ps_function(int type, ...);
+#endif /* _VAL_PROTECTED_STORAGE_H_ */
diff --git a/api-tests/val/spe/val_driver_service_apis.c b/api-tests/val/spe/val_driver_service_apis.c
index b29de14..46a3162 100644
--- a/api-tests/val/spe/val_driver_service_apis.c
+++ b/api-tests/val/spe/val_driver_service_apis.c
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -17,8 +17,10 @@
#include "val_driver_service_apis.h"
+#include "val/common/val_target.c"
print_verbosity_t g_print_level = PRINT_INFO;
+static int is_uart_init_done = 0;
/* UART APIs */
/*
@@ -30,6 +32,7 @@
val_status_t val_uart_init_sf(addr_t uart_base_addr)
{
pal_uart_init(uart_base_addr);
+ is_uart_init_done = 1;
return VAL_STATUS_SUCCESS;
}
/*
@@ -41,7 +44,11 @@
*/
val_status_t val_print_sf(char *string, uint32_t data)
{
- pal_print(string, data);
+ if (is_uart_init_done == 1)
+ {
+ /* Do not print until uart_init is complete */
+ pal_print(string, data);
+ }
return VAL_STATUS_SUCCESS;
}
@@ -133,3 +140,62 @@
return VAL_STATUS_ERROR;
}
}
+
+/**
+ @brief - This function sets the given boot.state value to corresponding
+ boot NVMEM location
+ @param - state: boot_state_t
+ @return - val_status_t
+**/
+val_status_t val_driver_private_set_boot_flag_fn(boot_state_t state)
+{
+ boot_t boot;
+ val_status_t status;
+ memory_desc_t *memory_desc;
+
+ status = val_target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MEMORY, MEMORY_NVMEM, 0),
+ (uint8_t **)&memory_desc,
+ (uint32_t *)sizeof(memory_desc_t));
+
+ if (VAL_ERROR(status))
+ {
+ return status;
+ }
+
+ boot.state = state;
+ status = val_nvmem_write_sf(memory_desc->start,
+ VAL_NVMEM_OFFSET(NV_BOOT),
+ &boot,
+ sizeof(boot_t));
+ if (VAL_ERROR(status))
+ {
+ val_print_sf("val_nvmem_write_sf failed Error=0x%x\n", status);
+ return status;
+ }
+ return status;
+}
+
+/**
+ @brief - This function initialises the driver reserved mmio region
+ @param - void
+ @return - val_status_t
+**/
+val_status_t val_init_driver_memory(void)
+{
+ val_status_t status;
+ memory_desc_t *memory_desc;
+
+ status = val_target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MEMORY,
+ MEMORY_DRIVER_PARTITION_MMIO, 0),
+ (uint8_t **)&memory_desc,
+ (uint32_t *)sizeof(memory_desc_t));
+ if (VAL_ERROR(status))
+ {
+ return status;
+ }
+
+ /* Init driver mmio space to 0 to avoid uninit access */
+ memset((uint32_t *)memory_desc->start, 0, (memory_desc->end - memory_desc->start + 1));
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/api-tests/val/spe/val_driver_service_apis.h b/api-tests/val/spe/val_driver_service_apis.h
index a045d57..9614e35 100644
--- a/api-tests/val/spe/val_driver_service_apis.h
+++ b/api-tests/val/spe/val_driver_service_apis.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -18,8 +18,8 @@
#ifndef _VAL_DRIVER_PARTITION_APIS_H_
#define _VAL_DRIVER_PARTITION_APIS_H_
-#include "val/common/val.h"
-#include "val/common/val_client_defs.h"
+#include "val.h"
+#include "val_client_defs.h"
#include "val_service_defs.h"
#include "pal_interfaces_s.h"
@@ -30,6 +30,8 @@
*/
#include "psa_manifest/driver_partition_psa.h"
+#define USE_RAW_PRINT_FOR_DRIVER_PARTITION 1
+
val_status_t val_uart_init_sf(addr_t uart_base_addr);
val_status_t val_print_sf(char *string, uint32_t data);
val_status_t val_wd_timer_init_sf(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us);
@@ -38,4 +40,6 @@
val_status_t val_is_wd_timer_enabled_sf(addr_t base_addr);
val_status_t val_nvmem_read_sf(addr_t base, uint32_t offset, void *buffer, int size);
val_status_t val_nvmem_write_sf(addr_t base, uint32_t offset, void *buffer, int size);
+val_status_t val_driver_private_set_boot_flag_fn(boot_state_t state);
+val_status_t val_init_driver_memory(void);
#endif
diff --git a/api-tests/val/spe/val_partition_common.h b/api-tests/val/spe/val_partition_common.h
index 7648116..df36402 100644
--- a/api-tests/val/spe/val_partition_common.h
+++ b/api-tests/val/spe/val_partition_common.h
@@ -1,5 +1,5 @@
/** @file
- * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * Copyright (c) 2018-2019, Arm Limited or its affiliates. All rights reserved.
* SPDX-License-Identifier : Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License");
@@ -26,8 +26,8 @@
#ifndef _VAL_COMMON_SP_APIS_H_
#define _VAL_COMMON_SP_APIS_H_
-#include "val/common/val.h"
-#include "val/common/val_target.c"
+#include "val.h"
+#include "val_target.c"
#include "val_service_defs.h"
/* "psa_manifest/<manifestfilename>.h" Manifest definitions. Only accessible to Secure Partition.
@@ -206,7 +206,7 @@
if ((msg->type != PSA_IPC_CONNECT) || (msg->handle <= 0))
{
- val_print(PRINT_ERROR, "\npsa_get failed for PSA_IPC_CONNECT", 0);
+ val_print(PRINT_ERROR, "\tpsa_get failed for PSA_IPC_CONNECT\n", 0);
res = VAL_STATUS_ERROR;
}
else
@@ -216,7 +216,7 @@
}
else
{
- val_print(PRINT_ERROR, "\npsa_wait returned with invalid signal value = 0x%x", signals);
+ val_print(PRINT_ERROR, "\tpsa_wait returned with invalid signal value = 0x%x\n", signals);
res = VAL_STATUS_ERROR;
}
return res;
@@ -244,7 +244,7 @@
if ((msg->type != PSA_IPC_CALL) || (msg->handle <= 0))
{
- val_print(PRINT_ERROR, "\npsa_get failed for PSA_IPC_CALL", 0);
+ val_print(PRINT_ERROR, "\tpsa_get failed for PSA_IPC_CALL\n", 0);
res = VAL_STATUS_ERROR;
}
else
@@ -254,7 +254,7 @@
}
else
{
- val_print(PRINT_ERROR, "\npsa_wait returned with invalid signal value = 0x%x", signals);
+ val_print(PRINT_ERROR, "\tpsa_wait returned with invalid signal value = 0x%x\n", signals);
res = VAL_STATUS_ERROR;
}
return res;
@@ -282,7 +282,7 @@
if ((msg->type != PSA_IPC_DISCONNECT) || (msg->handle <= 0))
{
- val_print(PRINT_ERROR, "\npsa_get failed for PSA_IPC_DISCONNECT", 0);
+ val_print(PRINT_ERROR, "\tpsa_get failed for PSA_IPC_DISCONNECT\n", 0);
res = VAL_STATUS_ERROR;
}
else
@@ -292,7 +292,7 @@
}
else
{
- val_print(PRINT_ERROR, "\npsa_wait returned with invalid signal value = 0x%x", signals);
+ val_print(PRINT_ERROR, "\tpsa_wait returned with invalid signal value = 0x%x\n", signals);
res = VAL_STATUS_ERROR;
}
return res;
@@ -314,7 +314,7 @@
test_info_t test_info;
test_info.test_num = test_num;
- val_print(PRINT_TEST, "[Info] Executing tests form secure\n", 0);
+ val_print(PRINT_TEST, "[Info] Executing tests from secure\n", 0);
while (tests_list[i] != NULL)
{
@@ -339,9 +339,14 @@
status = val_get_secure_test_result(&handle);
status = test_status ? test_status:status;
+ if (IS_TEST_SKIP(status))
+ {
+ val_print(PRINT_DEBUG, "[Check%d] SKIPPED\n", i);
+ return status;
+ }
if (VAL_ERROR(status))
{
- val_print(PRINT_ERROR,"[Check%d] FAILED\n", i);
+ val_print(PRINT_DEBUG,"[Check%d] FAILED\n", i);
return status;
}
else