Support for PSA Firmware Framework Test Suite. (#14)
- PSA IPC tests
- PSA Crypto tests
Signed-off-by: Jaykumar Pitambarbhai Patel <jaykumar.pitambarbhaipatel@arm.com>
diff --git a/README.md b/README.md
index 01772a9..b51fa1a 100755
--- a/README.md
+++ b/README.md
@@ -20,6 +20,9 @@
### TBSA-v8M
The test suite for this specification is located in the tbsa-v8m directory of this repository. See [TBSA-v8m Readme](tbsa-v8m/README.md) file for more details.
+### Firmware Framework
+The test suite for this specification is located in the psa-ff directory of this repository. See [Firmware Framework Readme](psa-ff/README.md) file for more details.
+
## License
diff --git a/psa-ff/README.md b/psa-ff/README.md
new file mode 100644
index 0000000..395c0b7
--- /dev/null
+++ b/psa-ff/README.md
@@ -0,0 +1,131 @@
+
+# PSA Firmware Framework : Architecture Test Suite
+
+## Introduction
+
+### PSA FF Specification
+
+Arm Platform Security Architecture (PSA) is a holistic set of threat models, security analysis, hardware and firmware architecture specifications, and an open source firmware reference implementation. PSA provides a recipe, based on industry best practice, that allows security to be consistently designed in, at both a hardware and firmware level.
+
+The PSA Firmware Framework defines a standard programming environment and firmware interfaces for implementing and accessing security services within a device's Root of Trust.
+
+The Firmware Framework specification: <br />
+- provides requirements for the SPM
+- defines a standard runtime environment for developing protected RoT Services, including the programming interfaces
+ provided by the SPM for implementing and using RoT Services
+- defines the standard interfaces for the PSA RoT Services.
+
+To receive a copy of the PSA FF specification, Arm Licensees may contact Arm through their partner managers.
+
+### Architecture Test Suite
+
+The Architecture Test Suite is a set of examples of the invariant behaviours that are specified by the PSA FF Specification. Use this suite to verify that these behaviours are implemented correctly in your system.
+
+PSA FF Architecture Test Suite contains the tests that are self-checking, portable C-based tests with directed stimulus.
+
+The tests are available as open source. The tests and the corresponding abstraction layers are available with an Apache v2.0 license allowing for external contribution.
+
+## Release Update
+ - Release Version - 0.5
+ - Code Quality: Alpha <br />
+ This indicates the suite is in development and it contains tests which have not been validated on any platform. Please use this opportunity to suggest enhancements and point out errors.
+ - Current release contains the test suite for IPC and Crypto tests.
+ - This test suite is not a substitute for design verification.
+ - To review the test logs, Arm licensees can contact Arm directly through their partner managers.
+
+## Layers
+
+PSA FF Architecture Test Suite uses a layered software-stack approach to enable porting across different test platforms. The constituents of the layered stack are: <br />
+- Test suite
+- Validation Abstraction Layer (VAL)
+- Platform Abstraction Layer (PAL)
+
+The tests are written on top of Validation Abstraction Layer (VAL) and Platform Abstraction Layer (PAL). The abstraction layers provide platform information and runtime environment to enable execution of the tests.
+
+In this release, PAL is written on top of baremetal drivers. It is expected that this layer will be ported to specific software stack of the platform.
+
+## Scenarios
+
+The mapping of the rules in the specification to the test cases and the steps followed in the tests are mentioned in the [Scenario document](docs/) present in the docs/ folder.
+
+
+## Getting Started
+
+Follow the instructions in the subsequent sections to get a copy of the source code on your local machine and build the tests. <br />
+
+### Prerequisite
+
+Before starting the test suite build, ensure that the following requirements are met: <br />
+
+- Host Operating System : Ubuntu 16.04
+- Scripting tools : Perl 5.12.3
+- Other open-source tools : GNU Arm Embedded Toolchain 6.3.1
+
+### Download source
+To download the master branch of the repository, type the following command: <br />
+
+ git clone https://github.com/ARM-software/psa-arch-tests.git
+
+### Porting steps
+
+Refer to the [Porting Guide](docs/Arm_PSA_FF_Arch_Test_Porting_Guide.md) document for porting steps.
+Refer to the [Validation Methodology](docs/Arm_PSA_FF_Arch_Test_Validation_Methodology.pdf) document in the docs folder for additional details.
+
+### Build steps
+
+To build PSA FF test suite for a given platform, execute the following commands:
+
+1. cd psa-ff
+2. ./tools/scripts/setup.sh --target <platform_name> --cpu_arch <cpu_architecture_version> --suite <suite_name> --build <build_dir> <br />
+
+ Examples: <br />
+ To compile IPC tests: ./tools/scripts/setup.sh --target fvp_mps2_cm4_mbedos --cpu_arch armv7m --suite ipc --include <include_path> --build BUILD_IPC <br />
+ To compile Crypto tests: ./tools/scripts/setup.sh --target fvp_mps2_cm4_mbedos --cpu_arch armv7m --suite crypto --build BUILD_CRYPTO
+
+<br /> where:
+
+- <platform_name> is the same as the name of the target specific directory created in the platform/targets/ directory. <br />
+- <cpu_architecture_version> is the Arm Architecture version name for which compliance binaries should be compiled the binaries. For example, Armv7M, Armv8M-Baseline and Armv8M-Mainline Architecture. <br />
+- <suite_name> is the suite name and it is same as the suite name available in test_suites/ directory. <br />
+- <include_path> is an additional directory to be included into compiler search path. For IPC tests, it must point to path where psa_client.h and psa_service.h files are located. <br />
+- <build_dir> is an output directory to keep build files.
+
+Refer ./tools/scripts/setup.sh --help to know more about options.
+
+### Build output
+PSA FF test suite build generates following output binaries:
+
+ - <build_dir>/BUILD/val/val_nspe.a
+ - <build_dir>/BUILD/platform/pal_nspe.a
+ - <build_dir>/BUILD/<suite_name>/test_elf_combine.bin
+
+### Binaries integration into your platform
+
+1. Compile compliance tests partition code using your build tool. You must integrate compliance partition code with your software stack containing SPM so that partition code get access to PSA defined client and RoT service APIs. This forms a SPE binary. Refer to the [Porting Guide](docs/Arm_PSA_FF_Arch_Test_Porting_Guide.md) for more detail on compliance partition code compilation.
+2. Integrate BUILD/val/val_nspe.a and BUILD/platform/pal_nspe.a libraries with your Non-Secure OS so that these libraries get access to PSA client APIs. For Crypto tests, these libraries would require to get access to PSA Crypto APIs as well. This will form a NSPE binary.
+3. Load NSPE binary and test_elf_combine.bin to NS memory
+4. Load SPE binary into S memory
+
+## Test Suite Execution
+The following steps describe the execution flow prior to the start of test execution: <br />
+
+1. The target platform must load above binaries into appropriate memory. <br />
+2. The System Under Test (SUT) would boot to an environment which intializes SPM and PSA FF partitions are ready to accept requests. <br />
+3. On the non-secure side, the SUT - boot software would give control to the compliance tests entry point- *void val_entry(void);* as an application entry point. <br />
+4. The tests are executed sequentially in a loop in the test_dispatcher function. <br />
+
+## License
+
+Arm PSA FF Architecture test suite is distributed under Apache v2.0 License.
+
+
+## Feedback, contributions, and support
+
+ - For feedback, use the GitHub Issue Tracker that is associated with this repository.
+ - For support, send an email to support-psa-arch-tests@arm.com with details.
+ - Arm licensees can contact Arm directly through their partner managers.
+ - Arm welcomes code contributions through GitHub pull requests.
+
+--------------
+
+*Copyright (c) 2018, Arm Limited and Contributors. All rights reserved.*
diff --git a/psa-ff/docs/Arm_PSA_FF_Arch_Test_Porting_Guide.md b/psa-ff/docs/Arm_PSA_FF_Arch_Test_Porting_Guide.md
new file mode 100644
index 0000000..e6c2d04
--- /dev/null
+++ b/psa-ff/docs/Arm_PSA_FF_Arch_Test_Porting_Guide.md
@@ -0,0 +1,100 @@
+
+# Porting Guide - PSA FF Architecture Test Suite
+-----------------------------------------------------
+
+## Introduction
+The PSA FF Architecture test suite contains a platform abstraction layer (PAL) which abstracts platform specific information from the tests.
+ - The PAL layer interface functions need to be implemented/ported to the target platform.
+ - The target config file must be created/updated to match the details of the target platform.
+
+This document provides details on the porting steps and the PAL APIs.
+
+## Porting steps
+
+### Target configuration
+
+ You must populate your system configuration and provide it as an input to test suite.
+
+This is captured in a single static input configuration file that is named as target.cfg. This file is available at psa-ff/platform/targets/<platform_name>/. <br />
+
+An example of the input configuration file is as shown.
+
+ // UART device info
+ uart.num=1;
+ uart.0.base = 0x40004000;
+ uart.0.size = 0xFFF;
+ uart.0.intr_id = 0xFF;
+ uart.0.permission = TYPE_READ_WRITE;
+
+ // Watchdog device info
+ watchdog.num = 1;
+ watchdog.0.base = 0x40008000;
+ watchdog.0.size = 0xFFF;
+ watchdog.0.intr_id = 0xFF;
+ watchdog.0.permission = TYPE_READ_WRITE;
+
+ More details on the structure of the input can be obtained from val/nspe/val_target.h.
+
+**Note**:
+ Test suite needs access to the following peripherals and the services of these peripherals are implemented as RoT services in the driver partition.
+ - One UART to print nspe and spe messages
+ - One Watchdog timer to help recovery from any fatal error conditions
+ - Non-volatile memory support to preserve test status over watchdog timer reset
+
+### Create a new target
+
+ Since PSA FF test suite is agnostic to various system targets, before building the tests, you must port the files mentioned in the following steps.
+
+**Procedure**
+----------------
+
+ - Create a new directory in platform/targets/<platform_name>. For reference, see the existing platform fvp_mps2_cm4_mbedos directory.
+ - Copy platform/targets/fvp_mps2_cm4_mbedos/target.cfg file into your <platform_name> folder and update it with your platform detail. Refer val/nspe/val_target.h for structure details.
+ - Update mmio_regions information available in platform/manifests/common/driver_partition_psa.json manifest file with your platform information. mmio_regions detail must match with device detail provided in the target.cfg file.
+ - The test suite specified "sid" and partition "id" are provided in manifest files available in platform/manifests/ directory. You can update them if they are clashing with your system defined sid and partition-id values. You may need to update platform/nspe/pal_sid.h file for any change in test suite provided SID values.
+ - Refer "PAL API list" section to view list of PAL API that must be ported for your target platform. These APIs definitions are available in nspe/pal_\*\_intf.c and spe/pal_\*_intf.c files. These APIs are written for fvp_mps2_cm4_mbedos platform. You can reuse the code if it works for your platform. Otherwise you must port them for your platform specific peripherals.
+ - Update platform/nspe/Makefile appropriately for platform/nspe/ code compilation. This make file is invoked as part of test suite build tool(./setup.sh) step and it creates <build_dir>/BUILD/platform/pal_nspe.a archive.
+ - The code available in platform/spe/ is part of driver partition and it must be compiled by your partition build tool by processing the platform/manifests/common/driver_partition_psa.json manifest file. See "Compiling compliance partition sources" section for more detail.
+
+## PAL API list
+ These functions will require implementation for the target platform. <br />
+
+- Following are the list of PAL APIs used in NSPE: <br />
+
+| No | Prototype | Description | Parameters |
+|----|-----------------------------------------------------------|------------------------------------------------------|-------------------------------------|
+| 01 | int pal_spi_read(addr_t addr, uint8_t *data, uint32_t len);| This function will read peripherals using SPI commands| addr : address of the peripheral<br/>data : read buffer<br/>len : length of the read buffer in bytes<br/>|
+| 02 | void *pal_target_get_cfg_start(void); | provides the database source location. | void <br/> |
+| 03 | uint32_t pal_crypto_function(int type, va_list valist); | This API will call the requested crypto function | type : function code<br/>valist : variable argument list<br/> |
+
+- Following are the list of PAL APIs used in SPE: <br />
+
+| No | Prototype | Description | Parameters |
+|----|-----------------------------------------------------------------------------------|-----------------------------------------------------------------------------------|----------------------------------------------------------|
+| 01 | void pal_uart_init(addr_t uart_base_addr); | This function initializes the uart | uart_base_addr : Base address of the UART<br/> |
+| 02 | void pal_print(char *str, uint32_t data); | This function parses the input string and writes byte by byte to print | str : Input String<br/>data : Value for Format specifier<br/> |
+| 03 | int pal_wd_timer_init(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us);| Initializes an hardware watchdog timer | base_addr : Base address of the watchdog module<br/>time_us : Time in micro seconds<br/>timer_tick_us : Number of ticks per micro second<br/>|
+| 04 | int pal_wd_timer_enable(addr_t base_addr); | Enables a hardware watchdog timer | base_addr : Base address of the watchdog module<br/> |
+| 05 | int pal_wd_timer_disable(addr_t base_addr); | Disables a hardware watchdog timer | base_addr : Base address of the watchdog module<br/> |
+| 06 | int pal_wd_timer_is_enabled(addr_t base_addr); | Checks whether hardware watchdog timer is enabled | base_addr : Base address of the watchdog module<br/> |
+| 07 | int pal_nvmem_write(addr_t base, uint32_t offset, void *buffer, int size); | Writes 'size' bytes from buffer into non-volatile memory at a given 'base + offset'| base : Base address of NV MEM<br/>offset : Offset<br/>buffer : Pointer to source address<br/>size : Number of bytes<br/> |
+| 08 | int pal_nvmem_read(addr_t base, uint32_t offset, void *buffer, int size); | Reads 'size' bytes from non-volatile memory at a given | base : Base address of NV MEM<br/>offset : Offset<br/>buffer : Pointer to source address<br/>size : Number of bytes<br/> |
+
+## Compiling compliance partition sources
+
+- Your build tool must conform to manifest rules specified in PSA FF specification. Refer PSA FF specification for more details.
+- The compliance required partition manifest files are available in platform/manifests/common and platform/manifests/ipc directory. Use these paths to search and process compliance provided partition manifest files using your build tool.
+- Compliance partition source code requires your build tool to gererate following header files when your process the manifest files and those must be available when compiling partition source code: <br />
+ - A private header file with \<manifestfilename.h\> naming convention per manifest containing macros that maps names to signals<br />
+ - A global header file with \<psa_sid.h\> as name that contains SIDs macros of all manifests<br />
+- Your build tool must provide the implementation of PSA defined psa_client.h and psa_service.h header files to partition sources.
+- Compliance partition source code includes header files with path relative to psa-ff directory. Therefore, when you compile the sources, your build tool must supply the full path of psa-ff directory to the compiler header file seach path.
+- You must integrate compliance partition code with your software stack containing SPM so that partition code get access to PSA defined client and RoT service APIs.
+
+
+## License
+Arm PSA FF Architecture test suite is distributed under Apache v2.0 License.
+
+--------------
+
+*Copyright (c) 2018, Arm Limited and Contributors. All rights reserved.*
diff --git a/psa-ff/docs/Arm_PSA_FF_Arch_Test_Validation_Methodology.pdf b/psa-ff/docs/Arm_PSA_FF_Arch_Test_Validation_Methodology.pdf
new file mode 100644
index 0000000..127f090
--- /dev/null
+++ b/psa-ff/docs/Arm_PSA_FF_Arch_Test_Validation_Methodology.pdf
Binary files differ
diff --git a/psa-ff/docs/psa_crypto_testlist.md b/psa-ff/docs/psa_crypto_testlist.md
new file mode 100644
index 0000000..afaf130
--- /dev/null
+++ b/psa-ff/docs/psa_crypto_testlist.md
@@ -0,0 +1,56 @@
+# PSA Crypto Testcase checklist
+
+
+
+| **Group** | **Test** | **Function** | **Scenario** | **Return Value** | **Steps** | **Test Case** |
+|------------------------------|-----------|--------------------------|-----------------------------------------------------------------------------------------------------------------------|-----------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| **Basic** | test_c001 | psa_crypto_init | Library initialization | PSA_SUCCESS | Calling this function should return SUCCESS | |
+| | | | Applications must call this function before calling any other function in this module. | PSA_SUCCESS | Try calling crypto operations doing a crypto_init should be successful(can be covered as part of other testcase) | |
+| | | | Applications may call this function more than once. Once a call succeeds, subsequent calls are guaranteed to succeed. | PSA_SUCCESS | Try calling multiple crypto init and should return SUCCESS | |
+| | | | Applications must call this function before calling any other function in this module. | PSA_ERROR_BAD_STATE | Try calling crypto operations without doing a crypto_init should return FAILURE | |
+| | | | | | | |
+| **Key Management** | test_c002 | psa_import_key | Import a key in binary format. | PSA_SUCCESS | 1. Initialize the PSA crypto library <br /> 2. Initialize a key policy structure to a default that forbids all usage of the key <br /> 3. Set the standard fields of a policy structure <br /> 4. Set the usage policy on a key slot <br /> 5. Import the key data into the key slot <br /> 6. Get basic metadata about a key <br /> 7. Export a key in binary format <br /> 8. Check if original key data matches with the exported data | 1. 16 Byte AES <br /> 2. 24 Byte AES <br /> 3. 32 Byte AES <br /> 4. 2048 RSA public key <br /> 5. 2048 RSA keypair <br /> 6. DES 64 bit key <br /> 7. Triple DES 2-Key <br /> 8. Triple DES 3-Key <br /> 9. EC Public key <br /> 10. EC keypair |
+| | | | | PSA_ERROR_NOT_SUPPORTED | Calling this function with incorrect key type | Incorrect key type |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. Key data greater than the algorithm size <br /> 2. Incorrect key data size <br /> 3. Invalid key slot <br /> 4. Zero key slot |
+| | | | | PSA_ERROR_OCCUPIED_SLOT | Pass the key slot to store data which is already occupied | Already occupied key slot |
+| | test_c003 | psa_export_key | Export a key in binary format | PSA_SUCCESS | 1. Initialize the PSA crypto library <br /> 2. Initialize a key policy structure to a default that forbids all usage of the key <br /> 3. Set the standard fields of a policy structure <br /> 4. Set the usage policy on a key slot <br /> 5. Import the key data into the key slot <br /> 6. Get basic metadata about a key <br /> 7. Export a key in binary format <br /> 8. Check if original key data matches with the exported data | 1. 16 Byte AES <br /> 2. 24 Byte AES <br /> 3. 32 Byte AES <br /> 4. 2048 RSA public key <br /> 5. 2048 RSA keypair <br /> 6. DES 64 bit key <br /> 7. Triple DES 2-Key <br /> 8. Triple DES 3-Key <br /> 9. EC Public key <br /> 10. EC keypair |
+| | | | | PSA_ERROR_BUFFER_TOO_SMALL | Calling this function with buffer size less than required | Less buffer size |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. Zero key slot <br /> 2. Invalid key slot |
+| | | | | PSA_ERROR_BAD_STATE | Calling this function with key policy that cannot be exported | Invalid key policy usage |
+| | | | | PSA_ERROR_EMPTY_SLOT | Calling this function with empty key slot | Empty key slot |
+| | test_c004 | psa_export_public_key | Export a public key or the public part of a key pair in binary format. | PSA_SUCCESS | 1. Initialize the PSA crypto library <br /> 2. Initialize a key policy structure to a default that forbids all usage of the key <br /> 3. Set the standard fields of a policy structure <br /> 4. Set the usage policy on a key slot <br /> 5. Import the key data into the key slot <br /> 6. Get basic metadata about a key <br /> 7. Export a key in binary format <br /> 8. Check if original key data matches with the exported data | 1. 2048 RSA public key <br /> 2. 2048 RSA keypair <br /> 3. EC Public key <br /> 4. EC keypair |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | 1. Initialize the PSA crypto library <br /> 2. Initialize a key policy structure to a default that forbids all usage of the key <br /> 3. Set the standard fields of a policy structure <br /> 4. Set the usage policy on a key slot <br /> 5. Import the key data into the key slot <br /> 6. Get basic metadata about a key <br /> 7. Export a key in binary format <br /> 8. Check if original key data matches with the exported data | 1. 16 Byte AES <br /> 2. 24 Byte AES <br /> 3. 32 Byte AES <br /> 4. DES 64 bit key <br /> 5. Triple DES 2-Key <br /> 6. Triple DES 3-Key |
+| | | | | PSA_ERROR_BUFFER_TOO_SMALL | Calling this function with buffer size less than required | Less buffer size |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. Zero key slot <br /> 2. Invalid key slot |
+| | | | | PSA_ERROR_BAD_STATE | Calling this function with key policy that cannot be exported | Invalid key policy usage |
+| | test_c005 | psa_destroy_key | Destroy a key and restore the slot to its default state. | PSA_SUCCESS | 1. Initialize the PSA crypto library <br /> 2. Initialize a key policy structure to a default that forbids all usage of the key <br /> 3. Set the standard fields of a policy structure <br /> 4. Set the usage policy on a key slot <br /> 5. Import the key data into the key slot <br /> 6. Get basic metadata about a key <br /> 7. Destroy a key and restore the slot to its default state <br /> 8. Check that if the key metadata are destroyed | 1. 16 Byte AES <br /> 2. 24 Byte AES <br /> 3. 32 Byte AES <br /> 4. 2048 RSA public key <br /> 5. 2048 RSA keypair <br /> 6. DES 64 bit key <br /> 7. Triple DES 2-Key <br /> 8. Triple DES 3-Key <br /> 9. EC Public key <br /> 10. EC keypair |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. Invalid key slot <br /> 2. Zero key slot <br /> 3. Empty key slot |
+| | test_c006 | psa_get_key_information | Get basic metadata about a key. | PSA_SUCCESS | 1. Initialize the PSA crypto library <br /> 2. Initialize a key policy structure to a default that forbids all usage of the key <br /> 3. Set the standard fields of a policy structure <br /> 4. Set the usage policy on a key slot <br /> 5. Import the key data into the key slot <br /> 6. Get basic metadata about a key | 1. 16 Byte AES <br /> 2. 24 Byte AES <br /> 3. 32 Byte AES <br /> 4. 2048 RSA public key <br /> 5. 2048 RSA keypair <br /> 6. DES 64 bit key <br /> 7. Triple DES 2-Key <br /> 8. Triple DES 3-Key <br /> 9. EC Public key <br /> 10. EC keypair |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. Zero key slot <br /> 2. Invalid key slot |
+| | | | | PSA_ERROR_EMPTY_SLOT | Pass the key slot number which has the key type as none | Empty key slot |
+| | NO TEST | psa_key_policy_set_usage | Set the standard fields of a policy structure. | void | Void function. Covered as part of other cases | |
+| | | | | | | |
+| **Key Policies** | test_c007 | psa_set_key_policy | Set the usage policy on a key slot. | PSA_SUCCESS | 1. Initialize the PSA crypto library <br /> 2. Initialize a key policy structure to a default that forbids all usage of the key <br /> 3. Set the standard fields of a policy structure <br /> 4. Set the usage policy on a key slot <br /> 5. Import the key data into the key slot <br /> 6. Get the usage policy for a key slot <br /> 7. Check if the policy matches the original input | 1. 16 Byte AES <br /> 2. 24 Byte AES <br /> 3. 32 Byte AES <br /> 4. 2048 RSA public key <br /> 5. 2048 RSA keypair <br /> 6. DES 64 bit key <br /> 7. Triple DES 2-Key <br /> 8. Triple DES 3-Key <br /> 9. EC Public key <br /> 10. EC keypair |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. Invalid key policy <br /> 2. Zero key slot <br /> 3. Invalid key slot |
+| | | | | PSA_ERROR_OCCUPIED_SLOT | Pass the key slot to store data which is already occupied | Already occupied key slot |
+| | test_c008 | psa_get_key_policy | Get the usage policy for a key slot | PSA_SUCCESS | 1. Initialize the PSA crypto library <br /> 2. Initialize a key policy structure to a default that forbids all usage of the key <br /> 3. Set the standard fields of a policy structure <br /> 4. Set the usage policy on a key slot <br /> 5. Change the lifetime of a key slot <br /> 6. Import the key data into the key slot <br /> 7. Get the usage policy for a key slot <br /> 8. Retrieve the usage field of a policy structure <br /> 9. Retrieve the algorithm field of a policy structure <br /> 10. Make sure they match the original value | 1. 16 Byte AES <br /> 2. 24 Byte AES <br /> 3. 32 Byte AES <br /> 4. 2048 RSA public key <br /> 5. 2048 RSA keypair <br /> 6. DES 64 bit key <br /> 7. Triple DES 2-Key <br /> 8. Triple DES 3-Key <br /> 9. EC Public key <br /> 10. EC keypair |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. Zero key slot <br /> 2. Invalid key slot |
+| | test_c009 | psa_set_key_lifetime | Change the lifetime of a key slot. | PSA_SUCCESS | 1. Initialize the PSA crypto library <br /> 2. Initialize a key policy structure to a default that forbids all usage of the key <br /> 3. Set the standard fields of a policy structure <br /> 4. Set the usage policy on a key slot <br /> 5. Change the lifetime of a key slot <br /> 6. Import the key data into the key slot <br /> 7. Reset the system <br /> 8. After reboot check if the contents of persistent and write once key data are preserved | 1. Volatile keys <br /> 2. Persistent keys <br /> 3. Write once keys |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with incorrect argument should return failure | 1. Zero key slot <br /> 2. Invalid key slot <br /> 3. Invalid key lifetime |
+| | | | | PSA_ERROR_OCCUPIED_SLOT | If implementation does not supports changing the lifetime of preoccupied slot, calling this function with already occupied slot should return failure(Impdef) | Pre occupied key slot |
+| | test_c010 | psa_get_key_lifetime | Retrieve the lifetime of a key slot. | PSA_SUCCESS | 1. Initialize the PSA crypto library <br /> 2. Initialize a key policy structure to a default that forbids all usage of the key <br /> 3. Set the standard fields of a policy structure <br /> 4. Set the usage policy on a key slot <br /> 5. Change the lifetime of a key slot <br /> 6. Import the key data into the key slot <br /> 7. Get the lifetime of a key slot | Testing only volatile keys as other key types are currently not supported |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with invalid parameter should return this error | 1. Invalid key policy <br /> 2. Zero key slot <br /> 3. Invalid key slot <br /> 4. Empty key slot |
+| | | | | | | |
+| **Message Authentication Codes** | test_c011 | psa_hash_start | Start a multipart hash operation. | PSA_SUCCESS | 1. Initialize the PSA crypto library <br /> 2. Start a multipart hash operation | 1. MD2 <br /> 2. MD4 <br /> 3. MD5 <br /> 4. RIPEMD160 <br /> 5. SHA1 <br /> 6. SHA224 <br /> 7. SHA256 <br /> 8. SHA512 <br /> 9. SHA512_224 <br /> 10. SHA512_256 <br /> 11. SHA3_224 1 <br /> 2. SHA3_256 1 <br /> 3. SHA3_384 1 <br /> 4. SHA3_512 |
+| | | | | PSA_ERROR_NOT_SUPPORTED | Calling this function with unsupported algorithm should return error | Invalid hash algorithm |
+| | test_c012 | psa_hash_update | Add a message fragment to a multipart hash operation. | PSA_SUCCESS | 1. Initialize the PSA crypto library <br /> 2. Start a multipart hash operation <br /> 3. Add a message fragment to a multipart hash operation | 1. MD2 <br /> 2. MD4 <br /> 3. MD5 <br /> 4. RIPEMD160 <br /> 5. SHA1 <br /> 6. SHA224 <br /> 7. SHA256 <br /> 8. SHA384 <br /> 9. SHA512 |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function without calling the psa_hash_start() should return error | Inactive operation handle |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with completed operation handle should return error | Completed operation handle |
+| | test_c013 | psa_hash_verify | Finish the calculation of the hash of a message and compare it with an expected value. | PSA_SUCCESS | 1. Initialize the PSA crypto library <br /> 2. Start a multipart hash operation <br /> 3. Add a message fragment to a multipart hash operation <br /> 4. Finish the calculation of the hash of a message and compare it with an expected value | 1. MD2 <br /> 2. MD4 <br /> 3. MD5 <br /> 4. RIPEMD160 <br /> 5. SHA1 <br /> 6. SHA224 <br /> 7. SHA256 <br /> 8. SHA384 <br /> 9. SHA512 |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with inactive operation handle should return error | Inactive operation handle |
+| | | | | PSA_ERROR_INVALID_SIGNATURE | Calling this function with incorrect expected value should return error | 1. Incorrect expected hash value <br /> 2. Incorrect expected hash length |
+| | test_c014 | psa_hash_finish | Finish the calculation of the hash of a message. | PSA_SUCCESS | 1. Initialize the PSA crypto library <br /> 2. Start a multipart hash operation <br /> 3. Add a message fragment to a multipart hash operation <br /> 4. Finish the calculation of the hash of a message <br /> 5. Compare it with the expected value | 1. MD2 <br /> 2. MD4 <br /> 3. MD5 <br /> 4. RIPEMD160 <br /> 5. SHA1 <br /> 6. SHA224 <br /> 7. SHA256 <br /> 8. SHA384 <br /> 9. SHA512 |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling this function with an inactive operation handle should return error | Inactive operation handle |
+| | | | | PSA_ERROR_BUFFER_TOO_SMALL | Calling this function with a hash buffer whose size is less than the algorithm output should return error | Buffer size less than required |
+| | test_c015 | psa_hash_abort | Abort a hash operation. | PSA_SUCCESS | 1. Initialize the PSA crypto library <br /> 2. Start a multipart hash operation <br /> 3. Abort a hash operation | 1. MD2 <br /> 2. MD4 <br /> 3. MD5 <br /> 4. RIPEMD160 <br /> 5. SHA1 <br /> 6. SHA224 <br /> 7. SHA256 <br /> 8. SHA384 <br /> 9. SHA512 |
+| | | | | PSA_ERROR_INVALID_ARGUMENT | Calling psa_hash_finish after calling psa_hash_abort should return error | |
diff --git a/psa-ff/docs/psa_ipc_testlist.md b/psa-ff/docs/psa_ipc_testlist.md
new file mode 100644
index 0000000..8d46d45
--- /dev/null
+++ b/psa-ff/docs/psa_ipc_testlist.md
@@ -0,0 +1,100 @@
+# PSA FF IPC Testcase checklist
+
+| Tests | Scenario rules | Client-Server Test Functions Pair | Test_algorithm/Comments/Test_limitation | PSA API crosses | Covered or to be covered in release |
+|------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------|--------------------------------------|
+| test_i001 | 1. psa_framework_version(): Retrieve the version of the PSA Framework API that is implemented. | [client/server]_test_psa_framework_version() | Call the psa_framework_version() API at both side SPE and NSPE and check the return value. | psa_framework_version | Alpha |
+| | 1. psa_version() returns PSA_VERSION_NONE when the RoT Service is not implemented, or the caller is not permitted to access the service OR return > 0 with the minor version of the implemented RoT Service. | [client/server]_test_psa_version() | 1. Pass un-implemented SID and expects PSA_VERSION_NONE as return value.<br /> <br /> 2. Call to API from NSPE with a SID who doesn't provide service to NSPE and expects PSA_VERSION_NONE as return value <br /> <br /> 3. Pass SID who is implemented and provides service to NSPE and expect minor number(>0) of given RoT service as return Perform all above checks from SPE too. | psa_version | Alpha |
+| test_i002 | 1. psa_connect() returns the PSA_CONNECTION_BUSY when RoT Service cannot make the connection at the moment (transient error).<br /> <br /> 2. psa_connect() returns the PSA_CONNECTION_REFUSED when RoT Service has refused the connection <br /> <br /> 3.psa_wait_any() returns the set of signals that have been asserted for a Secure Partition. Returns > 0 when at least one signal is asserted <br /> <br /> 4.psa_get():Get the message which corresponds to a given RoT Service signal and remove the message from the queue. <br /> <br /> 5.psa_get() returns PSA_SUCCESS when \*msg will contain the delivered message. <br /> <br /> 6.The type member of the psa_msg_t object should return PSA_IPC_CONNECT for a new connection request following a psa_get() call to psa_connect() and msg.handle must be positive. <br /> <br /> 7.psa_reply(): If the message type is PSA_IPC_CONNECT then server can reject the connection by sending PSA_CONNECTION_REFUSED (permanent error) or PSA_CONNECTION_BUSY (transient error) status code. | [client/server]_test_connection_busy_and_reject() | 1. Client tries to connect to ROT service using psa_connect() <br /> <br /> 2. RoT service checks the delivery of PSA_IPC_CONNECT message type and positive handle value returned by psa_get() <br /> <br /> 3.RoT service rejects the connection by executing psa_reply(handle,PSA_CONNECTION_BUSY) <br /> <br /> 4.Client tries to connect to same ROT service using psa_connect() again <br /> <br /> 5.This time, RoT service rejects the connection by executing psa_reply(handle,PSA_CONNECTION_REFUSED) <br /> <br />Perform all above steps from NSPE and SPE both. | psa_connect, psa_wait_any, psa_get, psa_reply | Alpha |
+| | 1. psa_connect(): When SID is implemented and client is permitted to access the service, SPM delivers a PSA_IPC_CONNECT message from the client to the Secure Partition that implements the RoT Service and positive handle is returned to client. <br /><br /> 2. psa_get():Get the message which corresponds to a given RoT Service signal and remove the message from the queue. <br /> <br /> 3.psa_get() returns PSA_SUCCESS when \*msg will contain the delivered message <br /> <br /> 4.psa_get():The type member of the psa_msg_t object should return PSA_IPC_CONNECT for a new connection request following a psa_get() call to psa_connect() and msg.handle must be positive. <br /> <br /> 5.psa_get(): The type member of the psa_msg_t object should return PSA_IPC_DISCONNECT for a new connection request following a psa_get() call to psa_close() and msg.handle must be positive. <br /> <br /> 6.psa_reply(): If the message type is PSA_IPC_CONNECT then server can accept the connection by sending PSA_SUCCESS status code. If the message type is PSA_IPC_DISCONNECT then the status code is ignored. <br /> <br /> 7.psa_close(): Closes a connection to a RoT Service. Sends the PSA_IPC_DISCONNECT message to the RoT Service. This function will have no effect if called with the null handle. | [client/server]_test_accept_and_close_connect() | 1.Client tries to connect to ROT service <br /> <br /> 2. RoT service checks the delivery of PSA_IPC_CONNECT message type and positive handle value return by psa_get() <br /> <br /> 3.RoT service accepts the connection by executing psa_reply(.., PSA_CONNECTION_ACCEPTED). <br /> <br /> 4.Client calls the psa_close with PSA_NULL_HANDLE and later it closes the connection using psa_close() with actual handle value <br /> <br /> 5.RoT service checks the delivery of PSA_IPC_DISCONNECT message type, checks handle value eqaul to NULL returned by psa_get() and completes the PSA_IPC_DISCONNECT by executing psa_reply() . <br /> <br />Perform all above steps from NSPE and SPE both. | psa_connect, psa_wait_any, psa_get, psa_reply, psa_close | Alpha |
+| | Following are allowed minor version condition to psa_connect(): 1. Version policy is not mentioned and requested version is 1 which is default minimum version <br /> <br /> 2. Version policy is STRICT and requested version equals minimum version <br /> <br /> 3.Version policy is relaxed and requested version is smaller than the minimum version <br /> <br /> 4.Version policy is relaxed and requested version is equal to the minimum version | [client/server]_test_connect_with_allowed_minor_version_policy() | Client tries connecting ROT service of following properties and expects connection to astablish: <br /> <br />- Version policy is not mentioned and requested version is 1 which is default minimum version <br /> <br />- Version policy is STRICT and requested version equals minimum version <br /> <br />- Version policy is relaxed and requested version is smaller than the minimum version <br /> <br />- Version policy is relaxed and requested version is equal to the minimum version <br /> <br />Perform all above steps from NSPE and SPE both. | psa_connect | Alpha |
+| | 1. psa_call(): The valid psa_call, make SPM to send PSA_IPC_CALL msg.type to the RoT servicee partition and the successful call should return >=0 handle value. <br /> <br /> 2. psa_call() receives return value >= 0 for RoT-specific return code <br /> <br /> 3.psa_call() receive return value < 0 for RoT-specific error code <br /> <br /> 4.psa_reply(): If the message type is PSA_IPC_CALL and ROT service want to end call with success then the return code must be PSA_SUCCESS or and positive integers are used to indicate RoT Service specific result values(this must be reported to client). All other return codes (INT32_MIN+128 to -1) are reported to the client. | [client/server]_test_psa_call_with_allowed_status_code() | 1. Client connects to RoT service <br /> <br /> 2. Client sends message using psa_call() <br /> <br /> 3.RoT service checks the delivery of PSA_IPC_CALL message type and positive handle value return by psa_get() <br /> <br /> 4.RoT service ends the call using psa_reply(status_code) <br /> <br /> 5.Client checks the return value of psa_call() and Client closes the connection Repeat (1) to (5) for different status code, SUCCESS, +ve, -ve.. <br /> <br />Perform all above steps from NSPE and SPE both. | psa_call, psa_reply | Alpha |
+| | 1. A msg.client_id that has a positive value indicates that the client is in the SPE and this the Secure Partition ID of the client. A negative client_id indicates that the client is in the NSPE. <br /> <br /> 2. Client_id is valid during PSA_IPC_CONNECT, PSA_IPC_CALL and PSA_IPC_DISCONNECT msg type. <br /> <br /> 3.Manifest Parameter- name (required, unique) A Partition must have an alphanumeric name for source code to directly refer to a specific Partition. The format of the name must follow the rules of a C macro. <br /> <br /> 4.Manifest Parameter - id (required, unique) It must be represented by a hexadecimal string. The Secure Partition ID can be referenced in Secure Partition source code via the symbolic name specified as name attribute. The symbol must have the value of the Secure Partition ID. | [client/server]_test_identity() | - Check the value returned by msg.client_id during PSA_IPC_CONNECT, PSA_IPC_CALL and PSA_IPC_DISCONNECT. For NSPE connection, client_id should be <0 and for SPE, it should be >0. <br /> <br />Perform all above steps from NSPE and SPE both. - Access the Partition ID of client partition and compare the value with expected ID value. | psa_get | Alpha |
+| | 1. psa_connect() will return the PSA_CONNECTION_REFUSED OR PSA_CONNECTION_BUSY when the SPM has reached the limit of concurrent connections | [client/server]_test_spm_concurrent_connect_limit() | Execute psa_connect() API in a loop until it returns PSA_CONNECTION_REFUSED or PSA_CONNECTION_BUSY <br /> <br />Perform above step from NSPE and SPE both. | psa_connect | Alpha |
+| | 1. psa_wait_any(): When MODE(PSA_BLOCK) is one, the function will block the caller until one of the requested signals is asserted. <br /> <br /> 2.psa_wait_any(): RES timeout[30:0] is reserved for future use. Callers must set RES to zero, implementations must ignore the value of RES.These requirements ensure compatibility for the intended future use of this field. | [client/server]_test_psa_wait_any_with_psa_block() | 1. Client connects to a RoT service mutilpe times. <br /> <br /> 2. RoT service psa_wait_any(PSA_BLOCK|(Non-zero value for timeout[30:0])) API is executed in a while loop. <br /> <br /> 3.Count the number of times while loop iterates over and number of times psa_wait_any API returns(signal value must be zero). <br /> <br /> 4.At the end, match both counts to check API's BLOCK behvaiour. <br /> <br />Perform above steps from NSPE and SPE both. | psa_wait_any | Alpha |
+| | 1. psa_wait_any(): When MODE is zero, the function will return immediately with the current signal state, which can be zero if no signals are active. | [client/server]_test_psa_wait_any_with_psa_poll() | 1. Client connects to a RoT service mutilpe times. <br /> <br /> 2. RoT service executes psa_wait_any(PSA_POLL) in a while loop and checks the API's polling behaviour. <br /> <br /> 3.Call psa_wait_any(PSA_POLL) when no request is made by client and checks the return value <br /> <br />Perform above steps from NSPE and SPE both. | psa_wait_any | Alpha |
+| test_i003 | 1. The reverse handle for a connection is NULL until psa_set_rhandle() is used. psa_set_rhandle() can be used to associate some caller-provided private data with a specified client connection. And SPM must provide same rhandle for msg.rhandle with all subsequent messages delivered on this connection. On success the rhandle is retained by the implementation and provided in all future messages on that connection as part of the psa_msg_t structure. <br /> <br /> 2. Setting the rhandle for a connection during disconnection has no observable effect. | [client/server]_test_psa_set_rhandle() | 1. Client connects to RoT service and RoT service checks the value of msg.rhanlde value duing PSA_IPC_CONNECT <br /> <br /> 2. Client send call msg to RoT service and RoT service checks the value of msg.rhanlde value duing PSA_IPC_CONNECT <br /> <br /> 3.ROT service sets the rhandle with known value. <br /> <br /> 4.Client send call msg to RoT service and RoT service now compare the value of msg.rhanndle with previously set value <br /> <br /> 5.ROT service sets the rhandle with known value other than previously set value <br /> <br /> 6.Client send call msg to RoT service and RoT service now compare the value of msg.rhanndle with last set value <br /> <br /> 7.The reverse handle for a connection is NULL until psa_set_rhandle() is used <br /> <br />Perform above steps from NSPE and SPE both. | psa_set_rhandle, psa_get | Alpha |
+| | 1. psa_call():The caller can optionally provide one or more buffers to receive a response (out_vec). <br /> <br /> 2. psa_get(): The array in_size provides the size of each client input vector in bytes. The array out_size provides the size of each client output vector in bytes. <br /> <br /> 3.psa_read(): parameter from the client input vector. Streams up to the next num_bytes bytes of client input vector invec_idx in the message identified by msg_handle to the Secure Partition buffer. Returns the number of bytes copied. <br /> <br /> 4.psa_read(): If num_bytes is less than or equal to the available data in the input vector then num_bytes are copied to buffer, and the remaining data in the input vector can be read by subsequent calls to psa_read() with the same msg_handle and invec_idx. <br /> <br /> 5.psa_read(): RoT Services can determine how much data is available to read from the message based on the in_size[] attribute of the psa_msg_t message returned from psa_get(). If an input vector has not been passed by the client then the corresponding in_size[] for that vector is zero. <br /> <br /> 6.psa_read(): If num_bytes is greater than the remaining data in the input vector then the remaining input bytes are copied to buffer and the call returns the number of bytes copied. Any space after this in buffer is not modified. Subsequent calls of psa_read() or psa_skip() with the same message input vector will report that there is no more data in the vector. <br /> <br /> 7.psa_skip(): Skip over part of a client input vector. Advances the current read offset by skipping up to num_bytes bytes for input vector invec_idx in the message identified by msg_handle. psa_skip(): When psa_skip returns, it returns with the number of bytes skipped <br /> <br /> 8.psa_skip(): If There was no remaining data in this input vector, return zero 9.psa_skip(): If num_bytes is greater than the remaining size of the input vector then the remaining size of the input vector is returned. Subsequent calls of psa_read() or psa_skip() with the same message input vector will report that there is no more data in the vector. | [client/server]_test_call_read_and_skip() | 1.Client connects to RoT service <br /> <br /> 2. Client sends four input vectors to RoT service using psa_call <br /> <br /> 3.RoT service checks following <br />- Reporting of input vectors size through msg.in_size <br />- Input vectors content reading through psa_read <br />-Inbound /Outbound offset reading <br />-Inbound/Outbound offset skipping <br />-Zero byte read and skip <br />-out_len=0 check <br /> <br /> 4.Client recieves the status of RoT service checks and closes the connection <br /> <br />Perform above steps from NSPE and SPE both. | psa_call, psa_read, psa_skip, psa_get, | Alpha |
+| | 1. psa_call(): The caller can optionally provide one or more buffers to receive a response (out_vec). On return from psa_call() the len value will have been updated to indicate the number of bytes of data written to the buffer by the RoT Service. <br /> <br /> 2. psa_write(): Appends num_bytes of data from buffer to the client output vector outvec_idx in the message identified by msg_handle. Sequential calls using the same msg_handle and outvec_idx will be concatenated in the output vector | [client/server]_test_call_and_write() | 1. Client connects to RoT service <br /> <br /> 2. Client sends four output vectors to RoT service using psa_call <br /> <br /> 3.RoT service checks following <br />- Reporting of output vectors size through msg.out_size <br />- in_len=0 check <br />- Zero byte write <br />- Out vector writes using psa_write <br />- Vector write concatenation <br /> <br /> 4.Client recieves the status of RoT service checks, cross check the content of out vectors and closes the connection <br /> <br />Perform above steps from NSPE and SPE both. | psa_call, psa_get, psa_write | Alpha |
+| | 1. psa_call(): Any I/O vector of length zero is permitted and will be treated as an empty or non-existent vector by the framework. When less than four vectors are provided to psa_call() for either input or output, then the remaining vectors have zero length and the in_size and out_size elements for these vectors will be zero. <br /> <br /> 2.psa_call(): If in_len is zero then in_vec is ignored <br /> <br /> 3. psa_call(): If out_len is zero then out_vec is ignored. <br /> <br /> 4.psa_get(): If an input and output vector has not been passed by the client then the corresponding in_size[] and out_size[] for that vector is zero. | [client/server]_test_zero_length_invec() [client/server]_test_zero_length_outvec() | Test zero lenth input vector 1. Client connects to RoT service <br /> <br /> 2.Client sends three input and one outvec vectors to RoT service using psa_call - invec 0 as zero length vector, invec 1 as NULL and invec 2 and outvec 0 as non-zero length vector <br /> <br /> 3.RoT service checks size of each vectors reported through msg.in_size and msg.out_size <br /> <br /> 4.Client recieves the status of checks and closes the connection Test zero lenth output vector 1. Client connects to RoT service <br /> <br /> 2.Client sends one input and three outvec vectorsto RoT service using psa_call - outvec 0 as zero length vector, outvec 0 as NULL and invec 0 and outvec 2 as non-zero length vector <br /> <br /> 3.RoT service checks size of each vectors reported through msg.in_size and msg.out_size <br /> <br /> 4.Client recieves the status of checks and closes the connection <br /> <br />Perform above steps from NSPE and SPE both. | psa_call, psa_get | Alpha |
+| | 1. When client provides an input and output vectors which are referencing to same memory location, a psa_read after psa_write to the same memory location can return original or modified value. <br /> <br /> 2.When client provides an input and output vectors which are referencing to same memory location, a psa_write(s) to both memory vectors can return either the 1st or the 2nd value written. | [client/server]_test_overlapping_vectors | 1. Client provides one input and 2 output vectors which are pointing to same location. <br /> <br /> 2.RoT service performs read after write operation on to outvec-0 and expects return value either modified one or the original <br /> <br /> 3.RoT service performs write operation to outvec-1 and unblock the connection. The write performed is to mimic write after write operatio to the overlapping vector. <br /> <br /> 4.Client check the value of outvec. The value should be either the value written by first psa_write or the second psa_write. | psa_call, psa_write, psa_read | Alpha |
+| test_i004 | psa_connect() does not return if RoT Service does not exist on platform | [client/server]_test_sid_does_not_exists() | Call psa_connect with SID which does not exist on a platform <br /> <br />Perform above step from NSPE and SPE both. | psa_connect | Alpha |
+| test_i005 | psa_connect() does not return if Version policy is STRICT and requested version is HIGHER than minimum version | [client/server]_test_strict_policy_higher_minor_version() | call psa_connect with SID whose Version policy is STRICT and requested minor version is HIGHER than minimum version. <br /> <br />Perform above step from NSPE and SPE both. | psa_connect | Alpha |
+| test_i006 | psa_connect() does not return if Version policy is STRICT and requested version lower than minimum version | [client/server]_test_strict_policy_lower_minor_version() | call psa_connect with SID whose Version policy is STRICT and requested minor version is Lower than minimum version. <br /> <br />Perform above step from NSPE and SPE both. | psa_connect | Alpha |
+| test_i007 | psa_connect() does not return if Version policy is RELAXED and requested version is bigger than minimum version | [client/server]_test_relax_policy_higher_minor_version() | call psa_connect with SID whose Version policy is RELAXED and requested minor version is HIGHER than minimum version. <br /> <br />Perform above step from NSPE and SPE both. | psa_connect | Alpha |
+| test_i008 | 1. psa_connect() does not return if Service to non_secure_client is not avaiable <br /> <br /> 2.Manifest parameter - The non_secure_clients field contains a boolean to indicate if it is accessible to NSPE clients. RoT Services are always accessible to SPE clients. | [client/server]_test_secure_access_only_connection() | Call psa_connect with SID which allow secure only connection. <br /> <br />Perform above step from NSPE and SPE both. | psa_connect | Alpha |
+| test_i009 | 1. psa_connect() does not return if External SID is not mentioned. <br /> <br /> 2.Manifest parameter- extern_sids (optional) If access between a Secure Partition (acting as client) and a RoT Service (acting as server) is not specified in the manifest, then the client is not permitted to connect to the RoT Service. | [client/server]_test_unextern_sid_connection() | Call psa_connect with SID which is not mentioned as external SID in manifest. | psa_connect | Alpha |
+| test_i010 | It is not required for the minor_version or minor_policy attributes to be specified. If they are not specified in the manifest, the RoT Service will have default attributes of minor_version=1 and minor_policy= STRICT . psa_connect() does not return if requested version higher than minimum version | [client/server]_test_unspecified_policy_with_higher_minor_ver() | Call psa_connect with SID whose Version policy is not mentioned and requested minor version is HIGHER than minimum version. <br /> <br />Perform above step from NSPE and SPE both. | psa_connect | Alpha |
+| test_i011 | It is not required for the minor_version or minor_policy attributes to be specified. If they are not specified in the manifest, the RoT Service will have default attributes of minor_version=1 and minor_policy= STRICT . psa_connect() does not return if requested version lower than minimum version | [client/server]_test_unspecified_policy_with_lower_minor_ver() | Call psa_connect with SID whose Version policy is not mentioned and requested minor version is lower than minimum version. <br /> <br />Perform above step from NSPE and SPE both. | psa_connect | Alpha |
+| test_i012 | psa_close() does not return if an invalid handle was provided that is not the null handle | [client/server]_test_psa_close_with_invalid_handle() | Call psa_close with INVALID_HANDLE which is not NULL. <br /> <br />Perform above step from NSPE and SPE both. | psa_close | Alpha |
+| test_i013 | psa_get() does not return if signal has more than a single bit set | [client/server]_test_psa_get_with_more_than_one_signal() | Call psa_get with a signal who has more than a single bit set | psa_get | Alpha |
+| test_i014 | After a RoT Service message is signaled, psa_get() function is used to retrieve the message details. Each message can only be retrieved once. | [client/server]_test_psa_get_called_twice() | Call psa_get with a valid signal back to back. | psa_get | Alpha |
+| test_i015 | psa_get() does not return if signal does not correspond to a RoT Service | [client/server]_test_psa_get_with_non_rot_signal() | Call psa_get with DOORBELL signal | psa_get | Alpha |
+| test_i016 | psa_get() does not return if The RoT Service signal is not currently asserted | [client/server]_test_psa_get_with_unasserted_signal() | Call psa_get with singal which is currently not asserted | psa_get | Alpha |
+| test_i017 | Each RoT Service listed creates a dependency from the client Partition to a server Partition. Within the resulting network of dependencies, there must be no circular dependencies between Secure Partitions. This would result in deadlock because the Service requests are always synchronous. For the same reason, a Secure Partition must not use a RoT Service that is defined within itself. Direct function calls must be used instead of IPC where there is a dependency between RoT Services within a single Secure Partition. | [client/server]_test_partition_calling_its_own_rot_service() | Partition calling its own ROT service using psa_connect. | psa_connect | Alpha |
+| test_i018 | psa_set_rhandle() does not return if an invalid message handle was provided | [client/server]_test_psa_set_rhandle_with_invalid_handle() | Call psa_set_rhanlde with an INVALID_HANDLE which is not NULL | psa_set_rhandle | Alpha |
+| test_i019 | psa_set_rhandle() does not return if Null handle was passed | [client/server]_test_psa_set_rhandle_with_null_handle() | Call psa_set_rhanlde with NULL handle | psa_set_rhandle | Alpha |
+| test_i020 | If messgae type if is PSA_IPC_CONNECT then use of status values in psa_reply() other than PSA_SUCCESS or PSA_CONNECTION_REFUSED is a fatal programming error | [client/server]_test_psa_reply_with_invalid_connect_status_code() | Call to psa_reply during PSA_IPC_CONNECT with status code other than PSA_SUCCESS and PSA_CONNECTION_REFUSED | psa_reply | Alpha |
+| test_i021 | If message type if PSA_IPC_CALL , the use of other reserved status codes in the range INT32_MIN+1 to INT32_MIN+127 for psa_reply() is a fatal programming error. | [client/server]_test_psa_reply_with_invalid_call_status_code() | Call to psa_reply during PSA_IPC_CALL with status code other than allowed code | psa_reply | Alpha |
+| test_i022 | psa_reply() does not return if the message handle is invalid | [client/server]_test_psa_reply_with_invalid_handle() | Call psa_reply with an INVALID_HANDLE which is not NULL | psa_reply | Alpha |
+| test_i023 | psa_reply() does not return if the message handle is Null handle | [client/server]_test_psa_reply_with_null_handle() | Call psa_reply with a NULL HANDLE | psa_reply | Alpha |
+| test_i024 | psa_call() does not return if an invalid handle was passed | [client/server]_test_psa_call_with_invalid_handle() | Call psa_call with an INVALID_HANDLE which is not NULL. <br /> <br />Perform this step from NSPE and SPE both. | psa_call | Alpha |
+| test_i025 | psa_call() does not return if an null handle was passed | [client/server]_test_psa_call_with_null_handle() | Call psa_call with a NULL HANDLE. Perform this step from NSPE and SPE both. | psa_call | Alpha |
+| test_i026 | psa_call() does not return if in_len + out_len > PSA_MAX_IOVEC | [client/server]_test_psa_call_with_iovec_more_than_max_limit() | Call psa_call with more than four IOVECs. Perform this step from NSPE and SPE both. | psa_call | Alpha |
+| test_i027 | 1. psa_call() returns PSA_DROP_CONNECTION when the connection has been dropped by the RoT Service. This indicates that either this or a previous message was invalid (The SPM will implement one of the following behaviors in this situation: • this is a client fatal error and psa_call() will not return • psa_call() returning PSA_DROP_CONNECTION. In this case, all subsequent calls to psa_call() on this connection will immediately return PSA_DROP_CONNECTION and the connection must be closed) <br /> <br /> 2.psa_reply(): If the message type is PSA_IPC_CALL and the client has made an invalid request, then the RoT Service can request for the connection to be terminated by calling psa_reply() with return value PSA_DROP_CONNECTION. After this, the RoT Service will receive no further PSA_IPC_CALL messages on that connection. The SPM will deliver a PSA_IPC_DISCONNECT to the RoT Service to release any resources associated with that connection. | [client/server]_test_psa_drop_connection() | RoT service executes psa_reply with status code eqaul to PSA_DROP_CONNECTION during PSA_IPC_CALL. Client expects either PSA_DROP_CONNECTION as returned status code or does not return condition for psa_call. Perform above steps from NSPE and SPE both. | psa_call | Alpha |
+| test_i028 | psa_read() does not return if msg_handle does not refer to a PSA_IPC_CALL message | [client/server]_test_psa_read_at_ipc_connect() | Call psa_read during PSA_IPC_CONNECT | psa_read | Alpha |
+| test_i029 | psa_read() does not return if msg_handle does not refer to a PSA_IPC_CALL message | [client/server]_test_psa_read_at_ipc_disconnect() | Call psa_read during PSA_IPC_DISCONNECT | psa_read | Alpha |
+| test_i030 | psa_read() does not return if Null handle was passed | [client/server]_test_psa_read_with_null_handle() | Call psa_read with NULL handle | psa_read | Alpha |
+| test_i031 | psa_read() does not return if Invalid handle was passed | [client/server]_test_psa_read_with_invalid_handle() | Calll psa_read with INVALID_HANDLE which is not NULL | psa_read | Alpha |
+| test_i032 | psa_read() does not return if invec_idx is equal to PSA_MAX_IOVEC | [client/server]_test_psa_read_with_invec_equal_to_max_iovec() | Call psa_read with invec_idx=PSA_MAX_IOVEC | psa_read | Alpha |
+| test_i033 | psa_read() does not return if invec_idx is greater than PSA_MAX_IOVEC | [client/server]_test_psa_read_with_invec_greater_than_max_iovec() | Call psa_read with invec_idx>PSA_MAX_IOVEC | psa_read | Alpha |
+| test_i034 | psa_skip() does not return if msg_handle does not refer to a PSA_IPC_CALL message | [client/server]_test_psa_skip_at_ipc_connect() | Call psa_skip during PSA_IPC_CONNECT | psa_skip | Alpha |
+| test_i035 | psa_skip() does not return if msg_handle does not refer to a PSA_IPC_CALL message | [client/server]_test_psa_skip_at_ipc_disconnect() | Call psa_skip during PSA_IPC_DISCONNECT | psa_skip | Alpha |
+| test_i036 | psa_skip() does not return if Null handle was passed | [client/server]_test_psa_skip_with_null_handle() | Call psa_skipwith NULL handle | psa_skip | Alpha |
+| test_i037 | psa_skip() does not return if Invalid handle was passed | [client/server]_test_psa_skip_with_invalid_handle() | Calll psa_skip with INVALID_HANDLE which is not NULL | psa_skip | Alpha |
+| test_i038 | psa_skip() does not return if invec_idx is equal to PSA_MAX_IOVEC | [client/server]_test_psa_skip_with_invec_equal_to_max_iovec() | Call psa_skip with invec_idx=PSA_MAX_IOVEC | psa_skip | Alpha |
+| test_i039 | psa_skip() does not return if invec_idx is greater than PSA_MAX_IOVEC | [client/server]_test_psa_skip_with_invec_greater_than_max_iovec() | Call psa_skip with invec_idx>PSA_MAX_IOVEC | psa_skip | Alpha |
+| test_i040 | psa_write() does not return if msg_handle does not refer to a PSA_IPC_CALL message | [client/server]_test_psa_write_at_ipc_connect() | Call psa_write during PSA_IPC_CONNECT | psa_write | Alpha |
+| test_i041 | psa_write() does not return if msg_handle does not refer to a PSA_IPC_CALL message | [client/server]_test_psa_write_at_ipc_disconnect() | Call psa_write during PSA_IPC_DISCONNECT | psa_write | Alpha |
+| test_i042 | psa_write() does not return if Null handle was passed | [client/server]_test_psa_write_with_null_handle() | Call psa_write with NULL handle | psa_write | Alpha |
+| test_i043 | psa_write() does not return if Invalid handle was passed | [client/server]_test_psa_write_with_invalid_handle() | Calll psa_write with INVALID_HANDLE which is not NULL | psa_write | Alpha |
+| test_i044 | psa_write() does not return if invec_idx is equal to PSA_MAX_IOVEC | [client/server]_test_psa_write_with_invec_equal_to_max_iovec() | Call psa_write with invec_idx=PSA_MAX_IOVEC | psa_write | Alpha |
+| test_i045 | psa_write() does not return if invec_idx is greater than PSA_MAX_IOVEC | [client/server]_test_psa_write_with_invec_greater_than_max_iovec() | Call psa_write with invec_idx>PSA_MAX_IOVEC | psa_write | Alpha |
+| test_i046 | psa_write() does not return if the call attempts to write data past the end of the client output vector | [client/server]_test_psa_write_with_size_overflow() | Call psa_write with a size input one byte bigger than allowed size | psa_write | Alpha |
+| | psa_get does not return if The msg pointer provided is not a valid memory reference | | | | To be covered in Beta |
+| | psa_call does not return if address of in_vec is invalid for client | | | | To be covered in Beta |
+| | psa_call does not return if address of out_vec is invalid for client | | | | To be covered in Beta |
+| | psa_call does not return if psa_invec.base address is invalid for client | | | | To be covered in Beta |
+| | psa_call does not return if psa_outvec.base address is invalid for client | | | | To be covered in Beta |
+| | psa_call does not return if psa_invec.base addr is valid but psa_invec.base+size address is invalid for client | | | | To be covered in Beta |
+| | psa_call does not return if psa_outvec.base addr is valid but psa_invec.base+sizeaddress is invalid for client | | | | To be covered in Beta |
+| | psa_get() returns PSA_ERR_NOMSG if the SPM cannot deliver a message to the Secure Partition following the assertion of the RoT Service signal. | | | | To be covered in Beta |
+| | psa_close doesnot return if The connection is already handling a request | | | | To be covered in Beta |
+| | psa_call doesnot return if The connection is already handling a request | | | | To be covered in Beta |
+| | psa_read does not return if the memory reference for buffer is invalid or not writable | | | | To be covered in Beta |
+| | psa_write does not return if the memory reference for buffer is invalid | | | | To be covered in Beta |
+| | 1. psa_notify(): Sends a PSA_DOORBELL signal to a specific Secure Partition. The receiving partition should be expecting the assertion of their PSA_DOORBELL signal using psa_wait_interrupt() or psa_wait_any(). <br /> <br /> 2.psa_clear() clears the PSA_DOORBELL signal. <br /> <br /> 3.psa_clear(): The target Partition doorbell will remain asserted until it calls psa_clear() <br /> <br /> 4.psa_wait_interrupt() returns the Secure Partition interrupt signals that have been asserted from the subset of signals indicated in the bitmask provided. The mask must contain the set of signals the caller is interested in handling. Signals that are not in this set will be ignored. <br /> <br /> 5.psa_wait_interrupt() : When MODE(PSA_BLOCK) is one, the function will block the caller until one of the requested signals is asserted. <br /> <br /> 6.psa_wait_interrupt() : When MODE is zero, the function will return immediately with the current signal state, which can be zero if no signals are active. <br /> <br /> 7.psa_wait_interrupt(): RES timeout[30:0] Reserved for future use. Callers must set RES to zero, implementations must ignore the value of RES. | | | | To be covered in Beta |
+| | psa_notify does not return if Partition ID does not correspond to a Secure Partition | | | | To be covered in Beta |
+| | psa_clear does not return if The Secure PartitionÂ’s doorbell signal is not currently asserted | | | | To be covered in Beta |
+| | 1. psa_wait_interrupt() returns the Secure Partition interrupt signals that have been asserted from the subset of signals indicated in the bitmask provided. <br /> <br /> 2.psa_eoi():Informs the SPM that an interrupt has been handled (end of interrupt). This will re-enable the interrupt line. psa_eoi(): A signal remains active until it is processed by psa_eoi <br /> <br /> 3.Manifest- irqs (optional, unique) A Partition can claim exclusive access to IRQ lines. A list can be provided of IRQ lines which the partition must exclusively handle. When doing so, a signal name must be provided so that a Partition can reference the associated signal. | | | | To be covered in Beta |
+| | psa_wait_interrupt does not return if signal_mask does not include any interrupt or doorbell signals | | | | To be covered in Beta |
+| | psa_wait_interrupt does not return if signal_mask includes one or more RoT Service signals | | | | To be covered in Beta |
+| | psa_eoi does not return if irq_signal is not an interrupt signal | | | | To be covered in Beta |
+| | psa_eoi does not return if irq_signal indicates more than one signal | | | | To be covered in Beta |
+| | psa_eoi does not return if irq_signal is not currently asserted | | | | To be covered in Beta |
+| No explicit test | The SPM must eventually deliver all signals and IPC messages. | | No explicit test written to cover this rule. All PSA tests are written with the expectation that the SPM delivers all requested signals and IPC message in a timely fashion. Failure to provide this will result in simulation time out. | | Alpha |
+| | A Secure Partition is guaranteed to be able to execute and read its own code regions, read its own read-only data regions and read and write its private stack, data, and heap regions | | | | To be covered in Beta |
+| | Isolation Level-1 rules - The SPM must ensure that no runtime state, data or devices that are part of the SPE can be accessed (read or written) by firmware or hardware in the NSPE. Assets considered for verifying isolation rules: - Local static data (static variable declared inside function) - Global data and variables - Heap data and Stack data - MMIO regions | | From non-secure application, access(read/write) above assets of Application RoT and PSA RoT and expect transaction fail. | | To be covered in Beta |
+| | Isolation Level-2 rules- In addition to the Level 1 requirements, Level 2 firmware isolation requires - SPM must ensure that no runtime state, data or devices that are part of the PSA Root of Trust can be accessed (read or written) by firmware or hardware in the Application Root of Trust. | | In Addition to level-1 tests, perform following checks: From Application RoT partition, access(read/write) PSA RoT (SPM and PSA RoT Partition) assets and expect transaction fail. | | To be covered in Beta |
+| | Isolation Level-3 rules - In addition to the Level 1 requirements, Level 3 firmware isolation requires: • The SPM must ensure that no runtime state, data or devices that are part of the SPM can be accessed (read or written) by firmware or hardware in any Secure Partition. • The SPM must ensure that no runtime state, data or devices that are part of a Secure Partition can be accessed (read or written) by firmware or hardware in any other Secure Partition. | | In Addition to level-1 and level 2 tests, perform following checks: From Application secure partition, access(read/write) other Application secure partition asserts and expect transaction fail. | | To be covered in Beta |
+| No explicit test | Manifest Parameter - id (required, unique) A Secure Partition ID must be a non-zero positive 32-bit value. | | PSA IPC tests partition files will be provided with unique Partition ID which is non-zero positive and name field compliant to manifest rules. | | Alpha |
+| Out of scope | Secure Partition IDs must be fixed across updates | | Checking for Partition IDs across SPM updates is out of scope for PSA IPC tests. | | |
+| | Manifest Parameter- type (required) Whether the Partition is a part of the PSA Root of Trust Services or is part of the Application Root of Trust Services. Type must be assigned one of the following values: - APPLICATION-ROT - PSA-ROT | | PSA IPC tests partition files will be provided with these field. Access permission related to these fields will be verified as part of tests covering isolation level rules. | | To be covered in Beta |
+| No explicit test | Manifest Parameter - description (optional) Field for human readable descriptions and comments. | | PSA IPC tests partition files will be provided with these field with adhere to manifest rules | | To be covered in Beta |
+| Out of scope | Manifest Parameter - priority (required) Partitions must be assigned one of the following priority groups: • HIGH • NORMAL • LOW LOW is the lowest priority. Priority is ignored by SPMs that do not implement any priority-based scheduling | | PSA IPC tests partition files are provided with priority field equal to LOW. Use of these fields are higly dependent on type of SPM scheduling policy and verifying scheduling policy is out of scope for IPC tests | | |
+| No explicit test | Manifest Parameter -entry_point (required, unique) The Partition entry point in the form of an C function symbol. A single entry point must be provided. | | No explicit test written to cover this rule. PSA IPC tests manifests are provided with tests partition entry_point. A successful luanch and run of tests partition code indirectly verify this field. | | Alpha |
+| No explicit test | Manifest Parameter- stack_size (required) Partition's stack size in bytes. The size value must be represented either as a positive integer or as a hexadecimal string. | | No explicit test written to cover this rule. PSA IPC tests manifests are provided with tests partition required stack_size. A successful run of tests partition code indirectly verify this field. | | Alpha |
+| | Manifest Parameter- heap_size (optional) Partition's heap size in bytes. The size value must be represented either as a positive integer or as a hexadecimal string. If this field is not specified then the heap size must be set to 0. | | | | To be covered in Beta |
+| No explicit test | Manifest Parameter- source_files (required) Explicit list of file paths to files containing the Partition's source code. Source file paths must be relative path names. | | No explicit test written to cover this rule. PSA IPC tests manifests are provided with source_files filled with tests source files. A successful compilation and run of tests partition code indirectly verify this field. | | Alpha |
+| No explicit test | Manifest Parameter- RoT Services (optional, unique) A Partition must declare all of the RoT Services that it implements. This includes at least four identifying pieces of information: • The sid field contains the SID value. • The signal field contains an alphanumeric string for use with psa_get(). • The name field contains an alphanumeric string for use with psa_connect(). | | PSA IPC tests manifests are provided with these fields. A successful compilation and run of tests partition code indirectly verify this field. | | Alpha |
+| No explicit test | mmio_regions (optional, unique) List of memory-mapped I/O region objects which the Secure Partition needs access to. This may be required by a Secure Partition in order to implement a device driver. A Secure Partition always has exclusive access to an MMIO region. Secure Partitions are not permitted to share MMIO regions with other Secure Partitions. An MMIO region can be defined either as a: • numbered_region • named_region | | PSA IPC tests device driver partition manifests are provided with these fields. A successful compilation and run of device driver partition code indirectly verify this field. Rules around sharing of MMIO regions can't be test as sharing of MMIO regions between secure partition will result into compilation fail. PSA tests partition relies on numbered_region only as named_region is subject to resolved in Implementation defined manner. | | To be covered in Beta |
+| No explicit test | Manifest Input - psa_framework_version - Version of the PSA Firmware Framework specification this manifest conforms to. | | PSA IPC tests manifests are provided with this field. A successful compilation and run of tests partition code indirectly verify this field. | | Alpha |
diff --git a/psa-ff/platform/manifests/common/driver_partition_psa.json b/psa-ff/platform/manifests/common/driver_partition_psa.json
new file mode 100644
index 0000000..878c923
--- /dev/null
+++ b/psa-ff/platform/manifests/common/driver_partition_psa.json
@@ -0,0 +1,69 @@
+{
+ "psa_framework_version": 0.10,
+ "name": "DRIVER_PARTITION",
+ "type": "APPLICATION-ROT",
+ "priority": "NORMAL",
+ "id": "0x00000003",
+ "description": "Implements device services such print, flash read/write,. etc.",
+ "entry_point": "driver_main",
+ "stack_size": "0x400",
+ "heap_size": "0x400",
+ "services": [{
+ "name": "DRIVER_UART_SID",
+ "sid": "0x0000FC01",
+ "signal": "DRIVER_UART_SIG",
+ "non_secure_clients": true,
+ "minor_version": 1,
+ "minor_policy": "RELAXED"
+ },
+ {
+ "name": "DRIVER_WATCHDOG_SID",
+ "sid": "0x0000FC02",
+ "signal": "DRIVER_WATCHDOG_SIG",
+ "non_secure_clients": true,
+ "minor_version": 1,
+ "minor_policy": "RELAXED"
+ },
+ {
+ "name": "DRIVER_NVMEM_SID",
+ "sid": "0x0000FC03",
+ "signal": "DRIVER_NVMEM_SIG",
+ "non_secure_clients": true,
+ "minor_version": 1,
+ "minor_policy": "RELAXED"
+ },
+ {
+ "name": "DRIVER_TARGET_INIT_SID",
+ "sid": "0x0000FC04",
+ "signal": "DRIVER_TARGET_INIT_SIG",
+ "non_secure_clients": true,
+ "minor_version": 1,
+ "minor_policy": "RELAXED"
+ }
+ ],
+ "mmio_regions" : [
+ {
+ "name": "UART_REGION",
+ "base": "0x40004000",
+ "size": "0xFFF",
+ "permission": "READ-WRITE"
+ },
+ {
+ "name": "WATCHDOG_REGION",
+ "base": "0x40008000",
+ "size": "0xFFF",
+ "permission": "READ-WRITE"
+ },
+ {
+ "name": "NVMEM_REGION",
+ "base": "0x2002F000",
+ "size": "0xFFF",
+ "permission": "READ-WRITE"
+ }
+ ],
+ "source_files": [
+ "../../../test_suites/partition/common/driver_partition.c",
+ "../../../val/spe/val_driver_service_apis.c",
+ "../../../platform/spe/pal_driver_intf.c"
+ ]
+}
diff --git a/psa-ff/platform/manifests/ipc/client_partition_psa.json b/psa-ff/platform/manifests/ipc/client_partition_psa.json
new file mode 100644
index 0000000..d202d4d
--- /dev/null
+++ b/psa-ff/platform/manifests/ipc/client_partition_psa.json
@@ -0,0 +1,49 @@
+{
+ "psa_framework_version": 0.10,
+ "name": "CLIENT_PARTITION",
+ "type": "APPLICATION-ROT",
+ "priority": "NORMAL",
+ "id": "0x00000001",
+ "description": "Client partition executing client test func from SPE",
+ "entry_point": "client_main",
+ "stack_size": "0x400",
+ "heap_size": "0x400",
+ "services": [{
+ "name": "CLIENT_TEST_DISPATCHER_SID",
+ "sid": "0x0000FA01",
+ "signal": "CLIENT_TEST_DISPATCHER_SIG",
+ "non_secure_clients": true,
+ "minor_version": 1,
+ "minor_policy": "RELAXED"
+ }
+ ],
+ "extern_sids": [
+ "DRIVER_UART_SID",
+ "DRIVER_NVMEM_SID",
+ "SERVER_TEST_DISPATCHER_SID",
+ "SERVER_UNSPECIFED_MINOR_V_SID",
+ "SERVER_STRICT_MINOR_VERSION_SID",
+ "SERVER_RELAX_MINOR_VERSION_SID",
+ "SERVER_SECURE_CONNECT_ONLY_SID",
+ "SERVER_CONNECTION_DROP_SID"
+ ],
+ "source_files": [
+ "../../../test_suites/partition/ipc/client_partition.c",
+ "../../../test_suites/ipc/test_i001/test_i001.c",
+ "../../../test_suites/ipc/test_i002/test_i002.c",
+ "../../../test_suites/ipc/test_i003/test_i003.c",
+ "../../../test_suites/ipc/test_i004/test_i004.c",
+ "../../../test_suites/ipc/test_i005/test_i005.c",
+ "../../../test_suites/ipc/test_i006/test_i006.c",
+ "../../../test_suites/ipc/test_i007/test_i007.c",
+ "../../../test_suites/ipc/test_i008/test_i008.c",
+ "../../../test_suites/ipc/test_i009/test_i009.c",
+ "../../../test_suites/ipc/test_i010/test_i010.c",
+ "../../../test_suites/ipc/test_i011/test_i011.c",
+ "../../../test_suites/ipc/test_i012/test_i012.c",
+ "../../../test_suites/ipc/test_i024/test_i024.c",
+ "../../../test_suites/ipc/test_i025/test_i025.c",
+ "../../../test_suites/ipc/test_i026/test_i026.c",
+ "../../../test_suites/ipc/test_i027/test_i027.c"
+ ]
+}
diff --git a/psa-ff/platform/manifests/ipc/server_partition_psa.json b/psa-ff/platform/manifests/ipc/server_partition_psa.json
new file mode 100644
index 0000000..907fb07
--- /dev/null
+++ b/psa-ff/platform/manifests/ipc/server_partition_psa.json
@@ -0,0 +1,119 @@
+{
+ "psa_framework_version": 0.10,
+ "name": "SERVER_PARTITION",
+ "type": "APPLICATION-ROT",
+ "priority": "NORMAL",
+ "id": "0x00000002",
+ "description": "Server partition executing server test func",
+ "entry_point": "server_main",
+ "stack_size": "0x400",
+ "heap_size": "0x400",
+ "services": [{
+ "name": "SERVER_TEST_DISPATCHER_SID",
+ "sid": "0x0000FB01",
+ "signal": "SERVER_TEST_DISPATCHER_SIG",
+ "non_secure_clients": true,
+ "minor_version": 1,
+ "minor_policy": "RELAXED"
+ },
+ {
+ "name": "SERVER_SECURE_CONNECT_ONLY_SID",
+ "sid": "0x0000FB02",
+ "signal": "SERVER_SECURE_CONNECT_ONLY_SIG",
+ "non_secure_clients": false,
+ "minor_version": 2,
+ "minor_policy": "RELAXED"
+ },
+ {
+ "name": "SERVER_STRICT_MINOR_VERSION_SID",
+ "sid": "0x0000FB03",
+ "signal": "SERVER_STRICT_MINOR_VERSION_SIG",
+ "non_secure_clients": true,
+ "minor_version": 2,
+ "minor_policy": "STRICT"
+ },
+ {
+ "name": "SERVER_UNSPECIFED_MINOR_V_SID",
+ "sid": "0x0000FB04",
+ "signal": "SERVER_UNSPECIFED_MINOR_V_SIG",
+ "non_secure_clients": true
+ },
+ {
+ "name": "SERVER_RELAX_MINOR_VERSION_SID",
+ "sid": "0x0000FB05",
+ "signal": "SERVER_RELAX_MINOR_VERSION_SIG",
+ "non_secure_clients": true,
+ "minor_version": 2,
+ "minor_policy": "RELAXED"
+ },
+ {
+ "name": "SERVER_UNEXTERN_SID",
+ "sid": "0x0000FB06",
+ "signal": "SERVER_UNEXTERN_SIG",
+ "non_secure_clients": true,
+ "minor_version": 2,
+ "minor_policy": "RELAXED"
+ },
+ {
+ "name": "SERVER_CONNECTION_DROP_SID",
+ "sid": "0x0000FB07",
+ "signal": "SERVER_CONNECTION_DROP_SIG",
+ "non_secure_clients": true,
+ "minor_version": 2,
+ "minor_policy": "RELAXED"
+ }
+ ],
+ "extern_sids": [
+ "DRIVER_UART_SID",
+ "DRIVER_NVMEM_SID"
+ ],
+ "source_files": [
+ "../../../test_suites/partition/ipc/server_partition.c",
+ "../../../test_suites/ipc/test_i001/test_supp_i001.c",
+ "../../../test_suites/ipc/test_i002/test_supp_i002.c",
+ "../../../test_suites/ipc/test_i003/test_supp_i003.c",
+ "../../../test_suites/ipc/test_i004/test_supp_i004.c",
+ "../../../test_suites/ipc/test_i005/test_supp_i005.c",
+ "../../../test_suites/ipc/test_i006/test_supp_i006.c",
+ "../../../test_suites/ipc/test_i007/test_supp_i007.c",
+ "../../../test_suites/ipc/test_i008/test_supp_i008.c",
+ "../../../test_suites/ipc/test_i009/test_supp_i009.c",
+ "../../../test_suites/ipc/test_i010/test_supp_i010.c",
+ "../../../test_suites/ipc/test_i011/test_supp_i011.c",
+ "../../../test_suites/ipc/test_i012/test_supp_i012.c",
+ "../../../test_suites/ipc/test_i013/test_supp_i013.c",
+ "../../../test_suites/ipc/test_i014/test_supp_i014.c",
+ "../../../test_suites/ipc/test_i015/test_supp_i015.c",
+ "../../../test_suites/ipc/test_i016/test_supp_i016.c",
+ "../../../test_suites/ipc/test_i017/test_supp_i017.c",
+ "../../../test_suites/ipc/test_i018/test_supp_i018.c",
+ "../../../test_suites/ipc/test_i019/test_supp_i019.c",
+ "../../../test_suites/ipc/test_i020/test_supp_i020.c",
+ "../../../test_suites/ipc/test_i021/test_supp_i021.c",
+ "../../../test_suites/ipc/test_i022/test_supp_i022.c",
+ "../../../test_suites/ipc/test_i023/test_supp_i023.c",
+ "../../../test_suites/ipc/test_i024/test_supp_i024.c",
+ "../../../test_suites/ipc/test_i025/test_supp_i025.c",
+ "../../../test_suites/ipc/test_i026/test_supp_i026.c",
+ "../../../test_suites/ipc/test_i027/test_supp_i027.c",
+ "../../../test_suites/ipc/test_i028/test_supp_i028.c",
+ "../../../test_suites/ipc/test_i029/test_supp_i029.c",
+ "../../../test_suites/ipc/test_i030/test_supp_i030.c",
+ "../../../test_suites/ipc/test_i031/test_supp_i031.c",
+ "../../../test_suites/ipc/test_i032/test_supp_i032.c",
+ "../../../test_suites/ipc/test_i033/test_supp_i033.c",
+ "../../../test_suites/ipc/test_i034/test_supp_i034.c",
+ "../../../test_suites/ipc/test_i035/test_supp_i035.c",
+ "../../../test_suites/ipc/test_i036/test_supp_i036.c",
+ "../../../test_suites/ipc/test_i037/test_supp_i037.c",
+ "../../../test_suites/ipc/test_i038/test_supp_i038.c",
+ "../../../test_suites/ipc/test_i039/test_supp_i039.c",
+ "../../../test_suites/ipc/test_i040/test_supp_i040.c",
+ "../../../test_suites/ipc/test_i041/test_supp_i041.c",
+ "../../../test_suites/ipc/test_i042/test_supp_i042.c",
+ "../../../test_suites/ipc/test_i043/test_supp_i043.c",
+ "../../../test_suites/ipc/test_i044/test_supp_i044.c",
+ "../../../test_suites/ipc/test_i045/test_supp_i045.c",
+ "../../../test_suites/ipc/test_i046/test_supp_i046.c"
+ ]
+}
diff --git a/psa-ff/platform/nspe/Makefile b/psa-ff/platform/nspe/Makefile
new file mode 100644
index 0000000..dd34d44
--- /dev/null
+++ b/psa-ff/platform/nspe/Makefile
@@ -0,0 +1,54 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+include $(SOURCE)/tools/makefiles/toolchain.mk
+
+# Add C source files for compilation
+SRC_C= pal_baremetal_ns_intf.c pal_crypto_intf.c
+
+# Add ASM source files for compilation
+SRC_ASM=
+
+INCLUDE= -I$(SOURCE)/platform/targets/$(TARGET)/ \
+ -I$(BUILD)/platform/$(TARGET)/ \
+ -I$(SOURCE)/platform/nspe/drivers/ \
+ -I$(SOURCE)/platform/nspe/
+
+VPATH=$(SOURCE)/platform/targets/$(TARGET)/: \
+ $(SOURCE)/platform/nspe/drivers/: \
+ $(SOURCE)/platform/nspe/: \
+
+all: build
+
+build: mkdir build_c build_asm pal_nspe.a
+
+mkdir:
+ @mkdir -p $(BUILD)/platform/nspe/
+
+build_c: $(SRC_C:%.c=$(BUILD)/platform/nspe/%.o)
+build_asm: $(SRC_ASM:%.s=$(BUILD)/platform/nspe/%.o)
+
+$(BUILD)/platform/nspe/%.o : %.c
+ $(CC) $(INCLUDE) -o $@ -c $<
+
+$(BUILD)/platform/nspe/%.o : %.s
+ $(AS) $(INCLUDE) -o $@ $<
+
+pal_nspe.a:
+ $(AR) $(AR_OPTIONS) $(BUILD)/platform/pal_nspe.a $(BUILD)/platform/nspe/*.o
+
+clean:
+ @rm -rf $(BUILD)/platform/nspe/*.o $(BUILD)/platform/nspe/*.a
diff --git a/psa-ff/platform/nspe/pal_baremetal_ns_intf.c b/psa-ff/platform/nspe/pal_baremetal_ns_intf.c
new file mode 100644
index 0000000..a34afc7
--- /dev/null
+++ b/psa-ff/platform/nspe/pal_baremetal_ns_intf.c
@@ -0,0 +1,40 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "pal_common.h"
+#include "pal_database.h"
+
+/**
+ @brief - provides the database source location.
+ @return - Returns base address of database
+**/
+void *pal_target_get_cfg_start(void)
+{
+ return (void *)database;
+}
+
+/**
+ @brief - This function will read peripherals using SPI commands
+ @param - addr : address of the peripheral
+ data : read buffer
+ len : length of the read buffer in bytes
+ @return - error status
+**/
+int pal_spi_read(addr_t addr, uint8_t *data, uint32_t len)
+{
+ return 0xFF;
+}
diff --git a/psa-ff/platform/nspe/pal_common.h b/psa-ff/platform/nspe/pal_common.h
new file mode 100644
index 0000000..ffc15c7
--- /dev/null
+++ b/psa-ff/platform/nspe/pal_common.h
@@ -0,0 +1,38 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_COMMON_H_
+#define _PAL_COMMON_H_
+
+/* typedef's */
+typedef signed char int8_t;
+typedef unsigned char uint8_t;
+typedef signed short int16_t;
+typedef unsigned short uint16_t;
+typedef signed long int32_t;
+typedef unsigned long uint32_t;
+typedef unsigned long long uint64_t;
+typedef uint8_t bool_t;
+typedef uint32_t addr_t;
+typedef uint32_t test_id_t;
+typedef char char8_t;
+typedef uint32_t cfg_id_t;
+
+#define addr_t uint32_t
+#define bool_t uint8_t
+
+#endif /* _PAL_COMMON_H_ */
diff --git a/psa-ff/platform/nspe/pal_crypto_intf.c b/psa-ff/platform/nspe/pal_crypto_intf.c
new file mode 100644
index 0000000..a992779
--- /dev/null
+++ b/psa-ff/platform/nspe/pal_crypto_intf.c
@@ -0,0 +1,150 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "pal_common.h"
+#include "pal_crypto_intf.h"
+
+/**
+ @brief - This API will call the requested crypto function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+#ifdef CRYPTO_SUITE
+psa_status_t pal_crypto_function(int type, va_list valist)
+{
+ size_t size, *length;
+ uint8_t *buffer;
+ uint32_t status;
+ psa_key_slot_t key_slot;
+ psa_key_type_t key_type, *key_type_out;
+ psa_key_policy_t *policy;
+ psa_key_usage_t usage, *usage_out;
+ psa_key_lifetime_t lifetime, *lifetime_out;
+ psa_algorithm_t alg, *alg_out;
+ psa_hash_operation_t *operation;
+
+ switch (type)
+ {
+ case PAL_CRYPTO_INIT:
+ return psa_crypto_init();
+ case PAL_CRYPTO_GENERATE_RANDOM:
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, int);
+ return psa_generate_random(buffer, size);
+ case PAL_CRYPTO_IMPORT_KEY:
+ key_slot = va_arg(valist, psa_key_slot_t);
+ key_type = va_arg(valist, psa_key_type_t);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, int);
+ status = psa_import_key(key_slot, key_type, buffer, size);
+ return status;
+ case PAL_CRYPTO_EXPORT_KEY:
+ key_slot = va_arg(valist, psa_key_slot_t);
+ buffer = (uint8_t *)(va_arg(valist, uint8_t*));
+ size = va_arg(valist, int);
+ length = (size_t *)va_arg(valist, size_t*);
+ status = psa_export_key(key_slot, buffer, size, length);
+ return status;
+ case PAL_CRYPTO_EXPORT_PUBLIC_KEY:
+ key_slot = va_arg(valist, psa_key_slot_t);
+ buffer = (uint8_t *)(va_arg(valist, uint8_t*));
+ size = va_arg(valist, int);
+ length = (size_t *)va_arg(valist, size_t*);
+ status = psa_export_public_key(key_slot, buffer, size, length);
+ return status;
+ case PAL_CRYPTO_KEY_POLICY_INIT:
+ policy = va_arg(valist, psa_key_policy_t*);
+ psa_key_policy_init(policy);
+ return 0;
+ case PAL_CRYPTO_KEY_POLICY_SET_USAGE:
+ policy = va_arg(valist, psa_key_policy_t*);
+ usage = va_arg(valist, psa_key_usage_t);
+ alg = va_arg(valist, psa_algorithm_t);
+ psa_key_policy_set_usage(policy, usage, alg);
+ return 0;
+ case PAL_CRYPTO_SET_KEY_POLICY:
+ key_slot = va_arg(valist, psa_key_slot_t);
+ policy = va_arg(valist, psa_key_policy_t*);
+ return psa_set_key_policy(key_slot, policy);
+ case PAL_CRYPTO_DESTROY_KEY:
+ key_slot = va_arg(valist, psa_key_slot_t);
+ status = psa_destroy_key(key_slot);
+ return status;
+ case PAL_CRYPTO_GET_KEY_INFORMATION:
+ key_slot = va_arg(valist, psa_key_slot_t);
+ key_type_out = va_arg(valist, psa_key_type_t*);
+ length = (size_t *)va_arg(valist, size_t*);
+ status = psa_get_key_information(key_slot, key_type_out, length);
+ return status;
+ case PAL_CRYPTO_GET_KEY_POLICY:
+ key_slot = va_arg(valist, psa_key_slot_t);
+ policy = va_arg(valist, psa_key_policy_t*);
+ return psa_get_key_policy(key_slot, policy);
+ case PAL_CRYPTO_KEY_POLICY_GET_USAGE:
+ policy = va_arg(valist, psa_key_policy_t*);
+ usage_out = va_arg(valist, psa_key_usage_t*);
+ *usage_out = psa_key_policy_get_usage(policy);
+ return 0;
+ case PAL_CRYPTO_KEY_POLICY_GET_ALGORITHM:
+ policy = va_arg(valist, psa_key_policy_t*);
+ alg_out = va_arg(valist, psa_algorithm_t*);
+ *alg_out = psa_key_policy_get_algorithm(policy);
+ return 0;
+ case PAL_CRYPTO_GET_KEY_LIFETIME:
+ key_slot = va_arg(valist, psa_key_slot_t);
+ lifetime_out = va_arg(valist, psa_key_lifetime_t*);
+ return psa_get_key_lifetime(key_slot, lifetime_out);
+ case PAL_CRYPTO_SET_KEY_LIFETIME:
+ key_slot = va_arg(valist, psa_key_slot_t);
+ lifetime = va_arg(valist, psa_key_lifetime_t);
+ return psa_set_key_lifetime(key_slot, lifetime);
+ case PAL_CRYPTO_HASH_SETUP:
+ operation = va_arg(valist, psa_hash_operation_t*);
+ alg = va_arg(valist, psa_algorithm_t);
+ return psa_hash_setup(operation, alg);
+ case PAL_CRYPTO_HASH_UPDATE:
+ operation = va_arg(valist, psa_hash_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_hash_update(operation, buffer, size);
+ case PAL_CRYPTO_HASH_VERIFY:
+ operation = va_arg(valist, psa_hash_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ return psa_hash_verify(operation, buffer, size);
+ case PAL_CRYPTO_HASH_FINISH:
+ operation = va_arg(valist, psa_hash_operation_t*);
+ buffer = va_arg(valist, uint8_t*);
+ size = va_arg(valist, size_t);
+ length = va_arg(valist, size_t*);
+ return psa_hash_finish(operation, buffer, size, length);
+ case PAL_CRYPTO_HASH_ABORT:
+ operation = va_arg(valist, psa_hash_operation_t*);
+ return psa_hash_abort(operation);
+ default:
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+ }
+}
+
+#else
+psa_status_t pal_crypto_function(int type, va_list valist)
+{
+ return PAL_STATUS_UNSUPPORTED_FUNC;
+}
+#endif
diff --git a/psa-ff/platform/nspe/pal_crypto_intf.h b/psa-ff/platform/nspe/pal_crypto_intf.h
new file mode 100644
index 0000000..79158df
--- /dev/null
+++ b/psa-ff/platform/nspe/pal_crypto_intf.h
@@ -0,0 +1,165 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_CRYPTO_H_
+#define _PAL_CRYPTO_H_
+
+#include <stdarg.h>
+
+#define PAL_STATUS_UNSUPPORTED_FUNC 0xFF
+
+typedef uint32_t psa_key_usage_t;
+typedef uint32_t psa_algorithm_t;
+typedef int32_t psa_status_t;
+typedef uint32_t psa_key_type_t;
+typedef uint32_t psa_key_slot_t;
+typedef uint32_t psa_key_lifetime_t;
+typedef uint32_t size_t;
+
+enum crypto_function_code {
+ PAL_CRYPTO_INIT = 0x1,
+ PAL_CRYPTO_GENERATE_RANDOM = 0x2,
+ PAL_CRYPTO_IMPORT_KEY = 0x3,
+ PAL_CRYPTO_EXPORT_KEY = 0x4,
+ PAL_CRYPTO_EXPORT_PUBLIC_KEY = 0x5,
+ PAL_CRYPTO_DESTROY_KEY = 0x6,
+ PAL_CRYPTO_GET_KEY_INFO = 0x7,
+ PAL_CRYPTO_KEY_POLICY_INIT = 0x8,
+ PAL_CRYPTO_KEY_POLICY_SET_USAGE = 0x9,
+ PAL_CRYPTO_KEY_POLICY_GET_USAGE = 0xA,
+ PAL_CRYPTO_KEY_POLICY_GET_ALGORITHM = 0xB,
+ PAL_CRYPTO_SET_KEY_POLICY = 0xC,
+ PAL_CRYPTO_GET_KEY_POLICY = 0xD,
+ PAL_CRYPTO_GET_KEY_INFORMATION = 0xE,
+ PAL_CRYPTO_GET_KEY_LIFETIME = 0xF,
+ PAL_CRYPTO_SET_KEY_LIFETIME = 0x10,
+ PAL_CRYPTO_HASH_SETUP = 0x11,
+ PAL_CRYPTO_HASH_UPDATE = 0x12,
+ PAL_CRYPTO_HASH_VERIFY = 0x13,
+ PAL_CRYPTO_HASH_FINISH = 0x14,
+ PAL_CRYPTO_HASH_ABORT = 0x15,
+};
+
+struct psa_key_policy_s {
+ psa_key_usage_t usage;
+ psa_algorithm_t alg;
+};
+
+typedef struct {
+ unsigned char cksum[16]; /*!< checksum of the data block */
+ unsigned char state[48]; /*!< intermediate digest state */
+ unsigned char buffer[16]; /*!< data block being processed */
+ size_t left; /*!< amount of data in buffer */
+} mbedtls_md2_context;
+
+typedef struct {
+ uint32_t total[2]; /*!< number of bytes processed */
+ uint32_t state[4]; /*!< intermediate digest state */
+ unsigned char buffer[64]; /*!< data block being processed */
+} mbedtls_md4_context;
+
+typedef struct {
+ uint32_t total[2]; /*!< number of bytes processed */
+ uint32_t state[4]; /*!< intermediate digest state */
+ unsigned char buffer[64]; /*!< data block being processed */
+} mbedtls_md5_context;
+
+typedef struct {
+ uint32_t total[2]; /*!< number of bytes processed */
+ uint32_t state[5]; /*!< intermediate digest state */
+ unsigned char buffer[64]; /*!< data block being processed */
+} mbedtls_ripemd160_context;
+
+typedef struct {
+ uint32_t total[2]; /*!< The number of Bytes processed. */
+ uint32_t state[5]; /*!< The intermediate digest state. */
+ unsigned char buffer[64]; /*!< The data block being processed. */
+} mbedtls_sha1_context;
+
+typedef struct {
+ uint32_t total[2]; /*!< The number of Bytes processed. */
+ uint32_t state[8]; /*!< The intermediate digest state. */
+ unsigned char buffer[64]; /*!< The data block being processed. */
+ int is224; /*!< Determines which function to use:
+ 0: Use SHA-256, or 1: Use SHA-224. */
+} mbedtls_sha256_context;
+
+typedef struct {
+ uint64_t total[2]; /*!< The number of Bytes processed. */
+ uint64_t state[8]; /*!< The intermediate digest state. */
+ unsigned char buffer[128]; /*!< The data block being processed. */
+ int is384; /*!< Determines which function to use:
+ 0: Use SHA-512, or 1: Use SHA-384. */
+} mbedtls_sha512_context;
+
+struct psa_hash_operation_s {
+ psa_algorithm_t alg;
+ union
+ {
+ unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
+ mbedtls_md2_context md2;
+ mbedtls_md4_context md4;
+ mbedtls_md5_context md5;
+ mbedtls_ripemd160_context ripemd160;
+ mbedtls_sha1_context sha1;
+ mbedtls_sha256_context sha256;
+ mbedtls_sha512_context sha512;
+ } ctx;
+};
+
+typedef struct psa_hash_operation_s psa_hash_operation_t;
+typedef struct psa_key_policy_s psa_key_policy_t;
+
+psa_status_t psa_crypto_init(void);
+psa_status_t psa_import_key(psa_key_slot_t key, psa_key_type_t type,
+ const uint8_t *data, size_t data_length);
+psa_status_t psa_export_key(psa_key_slot_t key, uint8_t *data,
+ size_t data_size, size_t *data_length);
+void psa_key_policy_init(psa_key_policy_t *policy);
+void psa_key_policy_set_usage(psa_key_policy_t *policy, psa_key_usage_t usage,
+ psa_algorithm_t alg);
+psa_status_t psa_set_key_policy(psa_key_slot_t key, const psa_key_policy_t *policy);
+psa_status_t psa_destroy_key(psa_key_slot_t key);
+psa_status_t psa_export_public_key(psa_key_slot_t key, uint8_t *data,
+ size_t data_size, size_t *data_length);
+psa_status_t psa_generate_key(psa_key_slot_t key, psa_key_type_t type,
+ size_t bits, const void *extra, size_t extra_size);
+psa_status_t psa_get_key_information(psa_key_slot_t key, psa_key_type_t *type, size_t *bits);
+psa_status_t psa_get_key_policy(psa_key_slot_t key, psa_key_policy_t *policy);
+psa_key_usage_t psa_key_policy_get_usage(const psa_key_policy_t *policy);
+psa_algorithm_t psa_key_policy_get_algorithm(const psa_key_policy_t *policy);
+psa_status_t psa_get_key_lifetime(psa_key_slot_t key,
+ psa_key_lifetime_t *lifetime);
+psa_status_t psa_set_key_lifetime(psa_key_slot_t key,
+ psa_key_lifetime_t lifetime);
+psa_status_t psa_hash_setup(psa_hash_operation_t *operation,
+ psa_algorithm_t alg);
+
+psa_status_t psa_hash_update(psa_hash_operation_t *operation,
+ const uint8_t *input,
+ size_t input_length);
+psa_status_t psa_hash_verify(psa_hash_operation_t *operation,
+ const uint8_t *hash,
+ size_t hash_length);
+psa_status_t psa_hash_finish(psa_hash_operation_t *operation,
+ uint8_t *hash,
+ size_t hash_size,
+ size_t *hash_length);
+psa_status_t psa_hash_abort(psa_hash_operation_t *operation);
+psa_status_t psa_generate_random(uint8_t *output, size_t output_size);
+psa_status_t pal_crypto_function(int type, va_list valist);
+#endif /* _PAL_CRYPTO_H_ */
diff --git a/psa-ff/platform/nspe/pal_sid.h b/psa-ff/platform/nspe/pal_sid.h
new file mode 100644
index 0000000..988b3bb
--- /dev/null
+++ b/psa-ff/platform/nspe/pal_sid.h
@@ -0,0 +1,35 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_SID_H_
+#define _PAL_SID_H_
+
+/* SID Constant defined and used by test suite */
+#define CLIENT_TEST_DISPATCHER_SID 0x0000FA01
+#define SERVER_TEST_DISPATCHER_SID 0x0000FB01
+#define SERVER_SECURE_CONNECT_ONLY_SID 0x0000FB02
+#define SERVER_STRICT_MINOR_VERSION_SID 0x0000FB03
+#define SERVER_UNSPECIFED_MINOR_V_SID 0x0000FB04
+#define SERVER_RELAX_MINOR_VERSION_SID 0x0000FB05
+#define SERVER_UNEXTERN_SID 0x0000FB06
+#define SERVER_CONNECTION_DROP_SID 0x0000FB07
+#define DRIVER_UART_SID 0x0000FC01
+#define DRIVER_WATCHDOG_SID 0x0000FC02
+#define DRIVER_NVMEM_SID 0x0000FC03
+#define DRIVER_TARGET_INIT_SID 0x0000FC04
+
+#endif /* _PAL_SID_H_ */
diff --git a/psa-ff/platform/spe/drivers/nvmem/pal_nvmem.c b/psa-ff/platform/spe/drivers/nvmem/pal_nvmem.c
new file mode 100644
index 0000000..65a9442
--- /dev/null
+++ b/psa-ff/platform/spe/drivers/nvmem/pal_nvmem.c
@@ -0,0 +1,69 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "pal_nvmem.h"
+
+/**
+ @brief - Writes into given non-volatile address.
+ @param - base : Base address of non-volatile memory
+ offset : Offset
+ buffer : Pointer to source address
+ size : Number of bytes
+ @return - 1/0
+**/
+int nvmem_write(addr_t base, uint32_t offset, void *buffer, int size)
+{
+ int b_cnt;
+
+ if (buffer == NULL) {
+ return 0;
+ }
+
+ for (b_cnt = 0; b_cnt < size; b_cnt++)
+ {
+ /* If flash interface just emulated over SRAM, use simple memory write */
+ *(uint8_t *)(base + offset + b_cnt) = *((uint8_t *)buffer + b_cnt);
+ }
+
+ return 1;
+}
+
+/**
+ @brief - Reads from given non-volatile address.
+ @param - base : Base address of non-volatile memory
+ offset : Offset
+ buffer : Pointer to source address
+ size : Number of bytes
+ @return - 1/0
+**/
+int nvmem_read(addr_t base, uint32_t offset, void *buffer, int size)
+{
+ int b_cnt;
+
+ if (buffer == NULL) {
+ return 0;
+ }
+
+ for (b_cnt = 0; b_cnt < size; b_cnt++)
+ {
+ /* If flash interface just emulated over SRAM, use simple memory read */
+ *((uint8_t *)buffer + b_cnt) = *(uint8_t *)(base + offset + b_cnt);
+ }
+
+ return 1;
+}
+
diff --git a/psa-ff/platform/spe/drivers/nvmem/pal_nvmem.h b/psa-ff/platform/spe/drivers/nvmem/pal_nvmem.h
new file mode 100644
index 0000000..df55c02
--- /dev/null
+++ b/psa-ff/platform/spe/drivers/nvmem/pal_nvmem.h
@@ -0,0 +1,26 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_NVMEM_H_
+#define _PAL_NVMEM_H_
+
+#include "platform/spe/pal_common.h"
+
+int nvmem_write(addr_t base, uint32_t offset, void *buffer, int size);
+int nvmem_read(addr_t base, uint32_t offset, void *buffer, int size);
+
+#endif /* PAL_NVMEM_H */
diff --git a/psa-ff/platform/spe/drivers/uart/pal_uart.c b/psa-ff/platform/spe/drivers/uart/pal_uart.c
new file mode 100644
index 0000000..48515c1
--- /dev/null
+++ b/psa-ff/platform/spe/drivers/uart/pal_uart.c
@@ -0,0 +1,114 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "pal_uart.h"
+
+volatile uint32_t g_uart;
+
+/**
+ @brief - This function initializes the UART
+**/
+void pal_uart_cmsdk_init(uint32_t uart_base_addr)
+{
+ g_uart = uart_base_addr;
+
+ /* Disable RX and TX interrupts, disable overrun interrupts, enable TX,
+ * disable RX */
+ ((uart_t *) g_uart)->CTRL = CMSDK_UART_CTRL_TXEN_Msk;
+ /* However, the UART resets to a BAUDDIV of 0, which is invalid. Set it to
+ * the minimum valid number. */
+ ((uart_t *) g_uart)->BAUDDIV = 16;
+
+}
+
+/**
+ @brief - This function checks for empty TX FIFO
+**/
+static int pal_uart_cmsdk_is_tx_empty(void)
+{
+ /* Note: Check for empty TX FIFO */
+ return (!((uart_t *) g_uart)->STATE & CMSDK_UART_STATE_TXBF_Msk);
+}
+
+/**
+ @brief - This function checks for empty TX FIFO and writes to FIFO register
+**/
+static void pal_uart_cmsdk_putc(uint8_t c)
+{
+ /* ensure TX buffer to be empty */
+ while (!pal_uart_cmsdk_is_tx_empty());
+
+ /* write the data (upper 24 bits are reserved) */
+ ((uart_t *) g_uart)->DATA = c;
+ if (c == '\n')
+ {
+ pal_uart_cmsdk_putc('\r');
+ }
+}
+
+/**
+ @brief - This function parses the input string and writes bytes into UART TX FIFO
+ @param - str : Input String
+ - data : Value for format specifier
+**/
+void pal_cmsdk_print(char *str, uint32_t data)
+{
+ uint8_t j, buffer[16];
+ int8_t i = 0;
+
+ for (; *str != '\0'; ++str)
+ {
+ if (*str == '%')
+ {
+ ++str;
+ if (*str == 'd')
+ {
+ while (data != 0)
+ {
+ j = data % 10;
+ data = data /10;
+ buffer[i] = j + 48;
+ i += 1;
+ }
+ }
+ else if (*str == 'x' || *str == 'X')
+ {
+ while (data != 0)
+ {
+ j = data & 0xf;
+ data >>= 4;
+ buffer[i] = j + ((j > 9) ? 55 : 48);
+ i += 1;
+ }
+ }
+ if (i > 0)
+ {
+ while (i > 0) {
+ pal_uart_cmsdk_putc(buffer[--i]);
+ }
+ }
+ else
+ {
+ pal_uart_cmsdk_putc(48);
+ }
+ }
+ else
+ {
+ pal_uart_cmsdk_putc(*str);
+ }
+ }
+}
diff --git a/psa-ff/platform/spe/drivers/uart/pal_uart.h b/psa-ff/platform/spe/drivers/uart/pal_uart.h
new file mode 100644
index 0000000..7e82d41
--- /dev/null
+++ b/psa-ff/platform/spe/drivers/uart/pal_uart.h
@@ -0,0 +1,48 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_UART_CMSDK_H_
+#define _PAL_UART_CMSDK_H_
+
+#include <stdint.h>
+
+/* CMSDK_UART DATA Register Definitions */
+#define CMSDK_UART_STATE_TXBF_Pos 0 /* CMSDK_UART STATE: TXBF Position */
+#define CMSDK_UART_STATE_TXBF_Msk (0x1UL) /* CMSDK_UART STATE: TXBF Mask */
+
+/* CMSDK_UART CTRL Register Definitions */
+#define CMSDK_UART_CTRL_TXEN_Pos 0 /* CMSDK_UART CTRL: TXEN Position */
+#define CMSDK_UART_CTRL_TXEN_Msk (0x01UL) /* CMSDK_UART CTRL: TXEN Mask */
+
+/* typedef's */
+typedef struct {
+ uint32_t DATA; /* Offset: 0x000 (R/W) Data Register */
+ uint32_t STATE; /* Offset: 0x004 (R/W) Status state */
+ uint32_t CTRL; /* Offset: 0x008 (R/W) Control Register */
+ union {
+ uint32_t INTSTATUS; /* Offset: 0x00C (R/ ) Interrupt Status Register */
+ uint32_t INTCLEAR; /* Offset: 0x00C ( /W) Interrupt Clear Register */
+ };
+ uint32_t BAUDDIV; /* Offset: 0x010 (R/W) Baud rate divider */
+} uart_t;
+
+
+/* function prototypes */
+void pal_uart_cmsdk_init(uint32_t uart_base_addr);
+void pal_cmsdk_print(char *str, uint32_t data);
+
+#endif /* _PAL_UART_CMSDK_H_ */
diff --git a/psa-ff/platform/spe/drivers/watchdog/pal_wd_cmsdk.c b/psa-ff/platform/spe/drivers/watchdog/pal_wd_cmsdk.c
new file mode 100644
index 0000000..e9d20bb
--- /dev/null
+++ b/psa-ff/platform/spe/drivers/watchdog/pal_wd_cmsdk.c
@@ -0,0 +1,83 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "pal_wd_cmsdk.h"
+
+/**
+ @brief - Initializes an hardware watchdog timer
+ @param - base_addr : Base address of the watchdog module
+ - time_us : Time in micro seconds
+ - timer_tick_us : Number of ticks per micro second
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_cmsdk_init(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us)
+{
+ /* Disable Timer */
+ ((wd_timer_t *)base_addr)->CTRL = 0x0;
+
+ if (time_us == 0 )
+ {
+ ((wd_timer_t *)base_addr)->LOAD = 0;
+ }
+ else
+ {
+ ((wd_timer_t *)base_addr)->LOAD = time_us * timer_tick_us;
+ }
+
+ return 0;
+}
+
+/**
+ @brief - Enables a hardware watchdog timer
+ @param - base_addr : Base address of the watchdog module
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_cmsdk_enable(addr_t base_addr)
+{
+ /* Enable Interrupt */
+ ((wd_timer_t *)base_addr)->CTRL = Watchdog_CTRL_INTEN_Msk;
+ /* Enable Reset */
+ ((wd_timer_t *)base_addr)->CTRL |= Watchdog_CTRL_RESEN_Msk;
+
+ return 0;
+}
+
+/**
+ @brief - Disables a hardware watchdog timer
+ @param - base_addr : Base address of the watchdog module
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_cmsdk_disable(addr_t base_addr)
+{
+ /* Disable Timer */
+ ((wd_timer_t *)base_addr)->CTRL = 0x0;
+ ((wd_timer_t *)base_addr)->INTCLR = 0x1;
+
+ return 0;
+}
+
+/**
+ @brief - Checks whether hardware watchdog timer is enabled
+ @param - base_addr : Base address of the watchdog module
+ @return - Enabled : 1, Disabled : 0
+**/
+int pal_wd_cmsdk_is_enabled(addr_t base_addr)
+{
+ return (((wd_timer_t *)base_addr)->CTRL & Watchdog_CTRL_INTEN_Msk ? \
+ (((wd_timer_t *)base_addr)->CTRL & Watchdog_CTRL_RESEN_Msk ? 1 : 0) : 0);
+}
+
diff --git a/psa-ff/platform/spe/drivers/watchdog/pal_wd_cmsdk.h b/psa-ff/platform/spe/drivers/watchdog/pal_wd_cmsdk.h
new file mode 100644
index 0000000..f73d698
--- /dev/null
+++ b/psa-ff/platform/spe/drivers/watchdog/pal_wd_cmsdk.h
@@ -0,0 +1,87 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_WD_CMSDK_H_
+#define _PAL_WD_CMSDK_H_
+
+#include "platform/spe/pal_common.h"
+
+#define WDOG_TIMER_MAX_VALUE 0xFFFFFFFF
+
+typedef struct {
+ uint32_t LOAD; /* Offset: 0x000 (R/W) Watchdog Load Register */
+ uint32_t VALUE; /* Offset: 0x004 (R/ ) Watchdog Value Register */
+ uint32_t CTRL; /* Offset: 0x008 (R/W) Watchdog Control Register */
+ uint32_t INTCLR; /* Offset: 0x00C ( /W) Watchdog Clear Interrupt Register */
+ uint32_t RAWINTSTAT; /* Offset: 0x010 (R/ ) Watchdog Raw Interrupt Status Register */
+ uint32_t MASKINTSTAT; /* Offset: 0x014 (R/ ) Watchdog Interrupt Status Register */
+ uint32_t RESERVED0[762];
+ uint32_t LOCK; /* Offset: 0xC00 (R/W) Watchdog Lock Register */
+ uint32_t RESERVED1[191];
+ uint32_t ITCR; /* Offset: 0xF00 (R/W) Watchdog Integration Test Control Register */
+ uint32_t ITOP; /* Offset: 0xF04 ( /W) Watchdog Integration Test Output Set Register */
+} wd_timer_t;
+
+/* WATCHDOG LOAD Register Definitions */
+#define Watchdog_LOAD_Pos 0 /* Watchdog LOAD: LOAD Position */
+#define Watchdog_LOAD_Msk (0xFFFFFFFFUL) /* Watchdog LOAD: LOAD Mask */
+
+/* WATCHDOG VALUE Register Definitions */
+#define Watchdog_VALUE_Pos 0 /* Watchdog VALUE: VALUE Position */
+#define Watchdog_VALUE_Msk (0xFFFFFFFFUL) /* Watchdog VALUE: VALUE Mask */
+
+/* WATCHDOG CTRL Register Definitions */
+/* Watchdog CTRL_RESEN: Enable Reset Output Position */
+#define Watchdog_CTRL_RESEN_Pos 1
+ /* Watchdog CTRL_RESEN: Enable Reset Output Mask */
+#define Watchdog_CTRL_RESEN_Msk (0x1UL << Watchdog_CTRL_RESEN_Pos)
+
+#define Watchdog_CTRL_INTEN_Pos 0 /* Watchdog CTRL_INTEN: Int Enable Position */
+#define Watchdog_CTRL_INTEN_Msk (0x1UL) /* Watchdog CTRL_INTEN: Int Enable Mask */
+
+/* WATCHDOG INTCLR Register Definitions */
+#define Watchdog_INTCLR_Pos 0 /* Watchdog INTCLR: Int Clear Position */
+#define Watchdog_INTCLR_Msk (0x1UL) /* Watchdog INTCLR: Int Clear Mask */
+
+/* WATCHDOG RAWINTSTAT Register Definitions */
+#define Watchdog_RAWINTSTAT_Pos 0 /* Watchdog RAWINTSTAT: Raw Int Status Position */
+#define Watchdog_RAWINTSTAT_Msk (0x1UL) /* Watchdog RAWINTSTAT: Raw Int Status Mask */
+
+/* WATCHDOG MASKINTSTAT Register Definitions */
+#define Watchdog_MASKINTSTAT_Pos 0 /* Watchdog MASKINTSTAT: Mask Int Status Position */
+#define Watchdog_MASKINTSTAT_Msk (0x1UL) /* Watchdog MASKINTSTAT: Mask Int Status Mask */
+
+/* WATCHDOG LOCK Register Definitions */
+#define Watchdog_LOCK_Pos 0 /* Watchdog LOCK: LOCK Position */
+#define Watchdog_LOCK_Msk (0x1UL) /* Watchdog LOCK: LOCK Mask */
+
+/* WATCHDOG INTEGTESTEN Register Definitions */
+#define Watchdog_INTEGTESTEN_Pos 0 /* Watchdog INTEGTESTEN: Integration Test Enable Pos*/
+#define Watchdog_INTEGTESTEN_Msk (0x1UL)/*Watchdog INTEGTESTEN: Integration Test Enable Mask*/
+
+/* WATCHDOG INTEGTESTOUTSET Register Definitions */
+/* Watchdog INTEGTESTOUTSET: Integration Test Output Set Position */
+#define Watchdog_INTEGTESTOUTSET_Pos 1
+/* Watchdog INTEGTESTOUTSET: Integration Test Output Set Mask */
+#define Watchdog_INTEGTESTOUTSET_Msk (0x1UL)
+
+int pal_wd_cmsdk_init(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us);
+int pal_wd_cmsdk_enable(addr_t base_addr);
+int pal_wd_cmsdk_disable(addr_t base_addr);
+int pal_wd_cmsdk_is_enabled(addr_t base_addr);
+
+#endif /* PAL_WD_CMSDK_H */
diff --git a/psa-ff/platform/spe/pal_common.h b/psa-ff/platform/spe/pal_common.h
new file mode 100644
index 0000000..43b2b4d
--- /dev/null
+++ b/psa-ff/platform/spe/pal_common.h
@@ -0,0 +1,41 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _PAL_COMMON_H_
+#define _PAL_COMMON_H_
+
+#include <string.h>
+#include <stdint.h>
+#include <stdlib.h>
+/* typedef's */
+typedef signed char int8_t;
+typedef unsigned char uint8_t;
+typedef signed short int16_t;
+typedef unsigned short uint16_t;
+typedef signed long int32_t;
+typedef unsigned long uint32_t;
+typedef unsigned long long uint64_t;
+typedef uint8_t bool_t;
+typedef uint32_t addr_t;
+typedef uint32_t test_id_t;
+typedef char char8_t;
+typedef uint32_t cfg_id_t;
+
+#define addr_t uint32_t
+#define bool_t uint8_t
+
+#endif /* _PAL_COMMON_H_ */
diff --git a/psa-ff/platform/spe/pal_driver_intf.c b/psa-ff/platform/spe/pal_driver_intf.c
new file mode 100644
index 0000000..ca15e0b
--- /dev/null
+++ b/psa-ff/platform/spe/pal_driver_intf.c
@@ -0,0 +1,114 @@
+ /** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ **/
+
+#include "drivers/uart/pal_uart.c"
+#include "drivers/nvmem/pal_nvmem.c"
+#include "drivers/watchdog/pal_wd_cmsdk.c"
+
+/**
+ @brief - This function initializes the UART
+ @param - uart base addr
+ @return - void
+**/
+void pal_uart_init(uint32_t uart_base_addr)
+{
+ pal_uart_cmsdk_init(uart_base_addr);
+}
+
+/**
+ @brief - This function parses the input string and writes bytes into UART TX FIFO
+ @param - str : Input String
+ - data : Value for format specifier
+**/
+
+void pal_print(char *str, uint32_t data)
+{
+ pal_cmsdk_print(str,data);
+
+}
+
+
+/**
+ @brief - Writes into given non-volatile address.
+ @param - base : Base address of nvmem
+ offset : Offset
+ buffer : Pointer to source address
+ size : Number of bytes
+ @return - 1/0
+**/
+int pal_nvmem_write(addr_t base, uint32_t offset, void *buffer, int size)
+{
+ return nvmem_write(base, offset, buffer, size);
+}
+
+/**
+ @brief - Reads from given non-volatile address.
+ @param - base : Base address of nvmem
+ offset : Offset
+ buffer : Pointer to source address
+ size : Number of bytes
+ @return - 1/0
+**/
+int pal_nvmem_read(addr_t base, uint32_t offset, void *buffer, int size)
+{
+ return nvmem_read(base, offset, buffer, size);
+}
+
+
+/**
+ @brief - Initializes an hardware watchdog timer
+ @param - base_addr : Base address of the watchdog module
+ - time_us : Time in micro seconds
+ - timer_tick_us : Number of ticks per micro second
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_init(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us)
+{
+ return(pal_wd_cmsdk_init(base_addr,time_us, timer_tick_us));
+
+}
+
+/**
+ @brief - Enables a hardware watchdog timer
+ @param - base_addr : Base address of the watchdog module
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_enable(addr_t base_addr)
+{
+ return(pal_wd_cmsdk_enable(base_addr));
+}
+
+/**
+ @brief - Disables a hardware watchdog timer
+ @param - base_addr : Base address of the watchdog module
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_disable(addr_t base_addr)
+{
+ return (pal_wd_cmsdk_disable(base_addr));
+}
+
+/**
+ @brief - Checks whether hardware watchdog timer is enabled
+ @param - base_addr : Base address of the watchdog module
+ @return - Enabled : 1, Disabled : 0
+**/
+int pal_wd_timer_is_enabled(addr_t base_addr)
+{
+ return (pal_wd_cmsdk_is_enabled(base_addr));
+}
+
diff --git a/psa-ff/platform/targets/fvp_mps2_cm4_mbedos/target.cfg b/psa-ff/platform/targets/fvp_mps2_cm4_mbedos/target.cfg
new file mode 100644
index 0000000..8feb2a3
--- /dev/null
+++ b/psa-ff/platform/targets/fvp_mps2_cm4_mbedos/target.cfg
@@ -0,0 +1,54 @@
+///** @file
+// * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+// * SPDX-License-Identifier : Apache-2.0
+// *
+// * Licensed under the Apache License, Version 2.0 (the "License");
+// * you may not use this file except in compliance with the License.
+// * You may obtain a copy of the License at
+// *
+// * http://www.apache.org/licenses/LICENSE-2.0
+// *
+// * Unless required by applicable law or agreed to in writing, software
+// * distributed under the License is distributed on an "AS IS" BASIS,
+// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// * See the License for the specific language governing permissions and
+// * limitations under the License.
+//**/
+
+// UART device info
+uart.num=1;
+uart.0.base = 0x40004000;
+uart.0.size = 0xFFF;
+uart.0.intr_id = 0xFF;
+uart.0.permission = TYPE_READ_WRITE;
+
+// Watchdog device info
+watchdog.num = 1;
+watchdog.0.base = 0x40008000;
+watchdog.0.size = 0xFFF;
+watchdog.0.intr_id = 0xFF;
+watchdog.0.permission = TYPE_READ_WRITE;
+watchdog.0.num_of_tick_per_micro_sec = 0x3; //(sys_feq/1000000)
+watchdog.0.timeout_in_micro_sec_low = 0xF4240; //1.0 sec : 1 * 1000 * 1000
+watchdog.0.timeout_in_micro_sec_medium = 0x1E8480; //2.0 sec : 2 * 1000 * 1000
+watchdog.0.timeout_in_micro_sec_high = 0x4C4B40; //5.0 sec : 5 * 1000 * 1000
+
+// Range of 1KB Non-volatile memory to preserve data over reset. Ex, NVRAM and FLASH
+nvmem.num =1;
+nvmem.0.start = 0x2002F000;
+nvmem.0.end = 0x2002FFFF;
+nvmem.0.permission = TYPE_READ_WRITE;
+
+//Miscellaneous
+dut.num = 1;
+dut.0.implemented_psa_firmware_isolation_level = LEVEL1;
+
+// Start address of combine_test_binary in memory. Memory can be main memory or secondary memory.
+// Size of combine_test_binary = Summation of size of each test ELF file
+dut.0.ns_start_addr_of_combine_test_binary = 0x2003F000;
+
+// Is combine_test_binary available in RAM?
+dut.0.combine_test_binary_in_ram = AVAILABLE;
+
+// Start address of 8KB NS memory for test ELF
+dut.0.ns_test_addr = 0x2007F000;
diff --git a/psa-ff/test_suites/crypto/test_c001/source.mk b/psa-ff/test_suites/crypto/test_c001/source.mk
new file mode 100644
index 0000000..c24e740
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c001/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c001.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/crypto/test_c001/test_c001.c b/psa-ff/test_suites/crypto/test_c001/test_c001.c
new file mode 100644
index 0000000..834f442
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c001/test_c001.c
@@ -0,0 +1,84 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_c001.h"
+
+client_test_t test_c001_crypto_list[] = {
+ NULL,
+ psa_generate_random_without_init_test,
+ psa_crypto_init_test,
+ multiple_psa_crypto_init_test,
+ NULL,
+};
+
+int32_t psa_generate_random_without_init_test(security_t caller)
+{
+ uint8_t output[GENERATE_SIZE];
+
+ val->print(PRINT_TEST, "[Check1] Test calling crypto functions before psa_crypto_init \n", 0);
+
+ /* Generate random bytes */
+ if (val->crypto_function(VAL_CRYPTO_GENERATE_RANDOM, output, GENERATE_SIZE) == PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "The crypto function should have failed but succeeded\n", 0);
+ return VAL_STATUS_CRYPTO_FAILURE;
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_crypto_init_test(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val->print(PRINT_TEST, "[Check2] Test psa_crypto_init\n", status);
+
+ /* Initialize the PSA crypto library*/
+ if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "Crypto init failed\n", 0);
+ status = VAL_STATUS_INIT_FAILED;
+ }
+
+ return status;
+}
+
+int32_t multiple_psa_crypto_init_test(security_t caller)
+{
+ int32_t i, status = VAL_STATUS_SUCCESS;
+
+ val->print(PRINT_TEST, "[Check3] Test multiple psa_crypto_init \n", 0);
+ for (i = 0; i < 5; i++)
+ {
+ /* Initialize the PSA crypto library*/
+ if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
+ {
+ status = VAL_STATUS_INIT_FAILED;
+ return status;
+ }
+ }
+
+ return status;
+}
diff --git a/psa-ff/test_suites/crypto/test_c001/test_c001.h b/psa-ff/test_suites/crypto/test_c001/test_c001.h
new file mode 100644
index 0000000..028755f
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c001/test_c001.h
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C001_CLIENT_TESTS_H_
+#define _TEST_C001_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+#include "val_crypto.h"
+
+#define GENERATE_SIZE 32
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c001_crypto_list[];
+
+int32_t psa_crypto_init_test(security_t caller);
+int32_t multiple_psa_crypto_init_test(security_t caller);
+int32_t psa_generate_random_without_init_test(security_t caller);
+#endif /* _TEST_C001_CLIENT_TESTS_H_ */
diff --git a/psa-ff/test_suites/crypto/test_c001/test_entry.c b/psa-ff/test_suites/crypto/test_c001/test_entry.c
new file mode 100644
index 0000000..1b3b985
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c001/test_entry.c
@@ -0,0 +1,52 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c001.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 1)
+#define TEST_DESC "Testing psa_crypto_init API: Basic\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c001_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/crypto/test_c002/source.mk b/psa-ff/test_suites/crypto/test_c002/source.mk
new file mode 100644
index 0000000..d56ef66
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c002/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c002.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/crypto/test_c002/test_c002.c b/psa-ff/test_suites/crypto/test_c002/test_c002.c
new file mode 100644
index 0000000..df4de84
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c002/test_c002.c
@@ -0,0 +1,225 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_c002.h"
+#include "test_data.h"
+#include "val_crypto.h"
+
+client_test_t test_c002_crypto_list[] = {
+ NULL,
+ psa_import_key_test,
+ psa_import_key_negative_test,
+ NULL,
+};
+
+int g_test_count;
+
+int32_t psa_import_key_test(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ uint32_t length, i, j;
+ uint8_t data[BUFFER_SIZE];
+ uint8_t *key_data;
+ psa_key_policy_t policy;
+ psa_key_type_t key_type;
+ size_t bits;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+
+ g_test_count = 1;
+
+ /* Initialize the PSA crypto library*/
+ if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_INIT_FAILED;
+ }
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Set the key data buffer to the input base on algorithm */
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+ if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
+ {
+ if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keypair;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keypair;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ else
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keydata;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keydata;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ }
+ else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
+ {
+ if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
+ key_data = ec_keypair;
+ else
+ key_data = ec_keydata;
+ }
+ else
+ key_data = check1[i].key_data;
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_slot, &policy);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA set key policy failed\n", 0);
+ return status;
+ }
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_slot, check1[i].key_type,
+ key_data, check1[i].key_length);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA import key failed\n", 0);
+ return status;
+ }
+
+ /* Get basic metadata about a key */
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check1[i].key_slot,
+ &key_type, &bits);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA get key information failed\n", 0);
+ return status;
+ }
+
+ if (key_type != check1[i].key_type)
+ {
+ val->print(PRINT_ERROR, "\tPSA mismatch key type\n", 0);
+ return status;
+ }
+
+ if (bits != check1[i].expected_bit_length)
+ {
+ val->print(PRINT_ERROR, "\tStored key length mismatch\n", 0);
+ return VAL_STATUS_INVALID_SIZE;
+ }
+
+ /* Export a key in binary format */
+ status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, check1[i].key_slot, data,
+ BUFFER_SIZE, &length);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA export key failed\n", 0);
+ return status;
+ }
+
+ if (length != check1[i].expected_key_length)
+ {
+ val->print(PRINT_ERROR, "\tKey length mismatch\n", 0);
+ return VAL_STATUS_INVALID_SIZE;
+ }
+
+ if (val->crypto_key_type_is_raw(check1[i].key_type))
+ {
+ for (j = 0; j < length; j++)
+ {
+ if (check1[i].key_data[j] != data[j])
+ {
+ val->print(PRINT_ERROR, "\tKey data mismatch\n", 0);
+ return VAL_STATUS_DATA_MISMATCH;
+ }
+ }
+ }
+ else if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type) || PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
+ {
+ for (j = 0; j < length; j++)
+ {
+ if (key_data[j] != data[j])
+ {
+ val->print(PRINT_ERROR, "\tKey data mismatch\n", 0);
+ return VAL_STATUS_DATA_MISMATCH;
+ }
+ }
+ }
+ else
+ {
+ return VAL_STATUS_INVALID;
+ }
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_import_key_negative_test(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ int num_checks = sizeof(check2)/sizeof(check2[0]);
+ uint32_t i;
+ psa_key_policy_t policy;
+
+ /* Initialize the PSA crypto library*/
+ if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_INIT_FAILED;
+ }
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check2[i].test_desc, 0);
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Set the usage policy on a key slot */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
+ check2[i].key_alg);
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check2[i].key_slot, check2[i].key_type,
+ check2[i].key_data, check2[i].key_length);
+ if (check2[i].expected_status != status)
+ {
+ val->print(PRINT_ERROR, "\tPSA import key should have failed but succeeded\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/psa-ff/test_suites/crypto/test_c002/test_c002.h b/psa-ff/test_suites/crypto/test_c002/test_c002.h
new file mode 100644
index 0000000..1cc089e
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c002/test_c002.h
@@ -0,0 +1,34 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C002_CLIENT_TESTS_H_
+#define _TEST_C002_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+#include "val_crypto.h"
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c002_crypto_list[];
+
+int32_t psa_import_key_test(security_t caller);
+int32_t psa_import_key_negative_test(security_t caller);
+#endif /* _TEST_C002_CLIENT_TESTS_H_ */
diff --git a/psa-ff/test_suites/crypto/test_c002/test_data.h b/psa-ff/test_suites/crypto/test_c002/test_data.h
new file mode 100644
index 0000000..5492463
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c002/test_data.h
@@ -0,0 +1,285 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_slot_t key_slot;
+ psa_key_type_t key_type;
+ uint8_t key_data[34];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ uint32_t expected_bit_length;
+ uint32_t expected_key_length;
+ psa_status_t expected_status;
+} test_data;
+
+uint8_t rsa_384_keypair[1];
+uint8_t rsa_384_keydata[1];
+
+uint8_t rsa_256_keypair[] = {
+ 0x30, 0x82, 0x04, 0xA5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC0,
+ 0x95, 0x08, 0xE1, 0x57, 0x41, 0xF2, 0x71, 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27,
+ 0x01, 0x65, 0xC6, 0x45, 0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, 0x2F,
+ 0x4E, 0xD6, 0xF6, 0x1C, 0x88, 0xBC, 0x7C, 0x9F, 0xFB, 0xA8, 0x67, 0x7F, 0xFE,
+ 0x5C, 0x9C, 0x51, 0x75, 0xF7, 0x8A, 0xCA, 0x07, 0xE7, 0x35, 0x2F, 0x8F, 0xE1,
+ 0xBD, 0x7B, 0xC0, 0x2F, 0x7C, 0xAB, 0x64, 0xA8, 0x17, 0xFC, 0xCA, 0x5D, 0x7B,
+ 0xBA, 0xE0, 0x21, 0xE5, 0x72, 0x2E, 0x6F, 0x2E, 0x86, 0xD8, 0x95, 0x73, 0xDA,
+ 0xAC, 0x1B, 0x53, 0xB9, 0x5F, 0x3F, 0xD7, 0x19, 0x0D, 0x25, 0x4F, 0xE1, 0x63,
+ 0x63, 0x51, 0x8B, 0x0B, 0x64, 0x3F, 0xAD, 0x43, 0xB8, 0xA5, 0x1C, 0x5C, 0x34,
+ 0xB3, 0xAE, 0x00, 0xA0, 0x63, 0xC5, 0xF6, 0x7F, 0x0B, 0x59, 0x68, 0x78, 0x73,
+ 0xA6, 0x8C, 0x18, 0xA9, 0x02, 0x6D, 0xAF, 0xC3, 0x19, 0x01, 0x2E, 0xB8, 0x10,
+ 0xE3, 0xC6, 0xCC, 0x40, 0xB4, 0x69, 0xA3, 0x46, 0x33, 0x69, 0x87, 0x6E, 0xC4,
+ 0xBB, 0x17, 0xA6, 0xF3, 0xE8, 0xDD, 0xAD, 0x73, 0xBC, 0x7B, 0x2F, 0x21, 0xB5,
+ 0xFD, 0x66, 0x51, 0x0C, 0xBD, 0x54, 0xB3, 0xE1, 0x6D, 0x5F, 0x1C, 0xBC, 0x23,
+ 0x73, 0xD1, 0x09, 0x03, 0x89, 0x14, 0xD2, 0x10, 0xB9, 0x64, 0xC3, 0x2A, 0xD0,
+ 0xA1, 0x96, 0x4A, 0xBC, 0xE1, 0xD4, 0x1A, 0x5B, 0xC7, 0xA0, 0xC0, 0xC1, 0x63,
+ 0x78, 0x0F, 0x44, 0x37, 0x30, 0x32, 0x96, 0x80, 0x32, 0x23, 0x95, 0xA1, 0x77,
+ 0xBA, 0x13, 0xD2, 0x97, 0x73, 0xE2, 0x5D, 0x25, 0xC9, 0x6A, 0x0D, 0xC3, 0x39,
+ 0x60, 0xA4, 0xB4, 0xB0, 0x69, 0x42, 0x42, 0x09, 0xE9, 0xD8, 0x08, 0xBC, 0x33,
+ 0x20, 0xB3, 0x58, 0x22, 0xA7, 0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61, 0x83, 0xC5,
+ 0xD2, 0x96, 0xDF, 0xD9, 0xD0, 0x4F, 0xAD, 0xD7, 0x02, 0x03, 0x01, 0x00, 0x01,
+ 0x02, 0x82, 0x01, 0x01, 0x00, 0x9A, 0xD0, 0x34, 0x0F, 0x52, 0x62, 0x05, 0x50,
+ 0x01, 0xEF, 0x9F, 0xED, 0x64, 0x6E, 0xC2, 0xC4, 0xDA, 0x1A, 0xF2, 0x84, 0xD7,
+ 0x92, 0x10, 0x48, 0x92, 0xC4, 0xE9, 0x6A, 0xEB, 0x8B, 0x75, 0x6C, 0xC6, 0x79,
+ 0x38, 0xF2, 0xC9, 0x72, 0x4A, 0x86, 0x64, 0x54, 0x95, 0x77, 0xCB, 0xC3, 0x9A,
+ 0x9D, 0xB7, 0xD4, 0x1D, 0xA4, 0x00, 0xC8, 0x9E, 0x4E, 0xE4, 0xDD, 0xC7, 0xBA,
+ 0x67, 0x16, 0xC1, 0x74, 0xBC, 0xA9, 0xD6, 0x94, 0x8F, 0x2B, 0x30, 0x1A, 0xFB,
+ 0xED, 0xDF, 0x21, 0x05, 0x23, 0xD9, 0x4A, 0x39, 0xBD, 0x98, 0x6B, 0x65, 0x9A,
+ 0xB8, 0xDC, 0xC4, 0x7D, 0xEE, 0xA6, 0x43, 0x15, 0x2E, 0x3D, 0xBE, 0x1D, 0x22,
+ 0x60, 0x2A, 0x73, 0x30, 0xD5, 0x3E, 0xD8, 0xA2, 0xAC, 0x86, 0x43, 0x2E, 0xC4,
+ 0xF5, 0x64, 0x5E, 0x3F, 0x89, 0x75, 0x0F, 0x11, 0xD8, 0x51, 0x25, 0x4E, 0x9F,
+ 0xD8, 0xAA, 0xA3, 0xCE, 0x60, 0xB3, 0xE2, 0x8A, 0xD9, 0x7E, 0x1B, 0xF0, 0x64,
+ 0xCA, 0x9A, 0x5B, 0x05, 0x0B, 0x5B, 0xAA, 0xCB, 0xE5, 0xE3, 0x3F, 0x6E, 0x32,
+ 0x22, 0x05, 0xF3, 0xD0, 0xFA, 0xEF, 0x74, 0x52, 0x81, 0xE2, 0x5F, 0x74, 0xD3,
+ 0xBD, 0xFF, 0x31, 0x83, 0x45, 0x75, 0xFA, 0x63, 0x7A, 0x97, 0x2E, 0xD6, 0xB6,
+ 0x19, 0xC6, 0x92, 0x26, 0xE4, 0x28, 0x06, 0x50, 0x50, 0x0E, 0x78, 0x2E, 0xA9,
+ 0x78, 0x0D, 0x14, 0x97, 0xB4, 0x12, 0xD8, 0x31, 0x40, 0xAB, 0xA1, 0x01, 0x41,
+ 0xC2, 0x30, 0xF8, 0x07, 0x5F, 0x16, 0xE4, 0x61, 0x77, 0xD2, 0x60, 0xF2, 0x9F,
+ 0x8D, 0xE8, 0xF4, 0xBA, 0xEB, 0x63, 0xDE, 0x2A, 0x97, 0x81, 0xEF, 0x4C, 0x6C,
+ 0xE6, 0x55, 0x34, 0x51, 0x2B, 0x28, 0x34, 0xF4, 0x53, 0x1C, 0xC4, 0x58, 0x0A,
+ 0x3F, 0xBB, 0xAF, 0xB5, 0xF7, 0x4A, 0x85, 0x43, 0x2D, 0x3C, 0xF1, 0x58, 0x58,
+ 0x81, 0x02, 0x81, 0x81, 0x00, 0xF2, 0x2C, 0x54, 0x76, 0x39, 0x23, 0x63, 0xC9,
+ 0x10, 0x32, 0xB7, 0x93, 0xAD, 0xAF, 0xBE, 0x19, 0x75, 0x96, 0x81, 0x64, 0xE6,
+ 0xB5, 0xB8, 0x89, 0x42, 0x41, 0xD1, 0x6D, 0xD0, 0x1C, 0x1B, 0xF8, 0x1B, 0xAC,
+ 0x69, 0xCB, 0x36, 0x3C, 0x64, 0x7D, 0xDC, 0xF4, 0x19, 0xB8, 0xC3, 0x60, 0xB1,
+ 0x57, 0x48, 0x5F, 0x52, 0x4F, 0x59, 0x3A, 0x55, 0x7F, 0x32, 0xC0, 0x19, 0x43,
+ 0x50, 0x3F, 0xAE, 0xCE, 0x6F, 0x17, 0xF3, 0x0E, 0x9F, 0x40, 0xCA, 0x4E, 0xAD,
+ 0x15, 0x3B, 0xC9, 0x79, 0xE9, 0xC0, 0x59, 0x38, 0x73, 0x70, 0x9C, 0x0A, 0x7C,
+ 0xC9, 0x3A, 0x48, 0x32, 0xA7, 0xD8, 0x49, 0x75, 0x0A, 0x85, 0xC2, 0xC2, 0xFD,
+ 0x15, 0x73, 0xDA, 0x99, 0x09, 0x2A, 0x69, 0x9A, 0x9F, 0x0A, 0x71, 0xBF, 0xB0,
+ 0x04, 0xA6, 0x8C, 0x7A, 0x5A, 0x6F, 0x48, 0x5A, 0x54, 0x3B, 0xC6, 0xB1, 0x53,
+ 0x17, 0xDF, 0xE7, 0x02, 0x81, 0x81, 0x00, 0xCB, 0x93, 0xDE, 0x77, 0x15, 0x5D,
+ 0xB7, 0x5C, 0x5C, 0x7C, 0xD8, 0x90, 0xA9, 0x98, 0x2D, 0xD6, 0x69, 0x0E, 0x63,
+ 0xB3, 0xA3, 0xDC, 0xA6, 0xCC, 0x8B, 0x6A, 0xA4, 0xA2, 0x12, 0x8C, 0x8E, 0x7B,
+ 0x48, 0x2C, 0xB2, 0x4B, 0x37, 0xDC, 0x06, 0x18, 0x7D, 0xEA, 0xFE, 0x76, 0xA1,
+ 0xD4, 0xA1, 0xE9, 0x3F, 0x0D, 0xCD, 0x1B, 0x5F, 0xAF, 0x5F, 0x9E, 0x96, 0x5B,
+ 0x5B, 0x0F, 0xA1, 0x7C, 0xAF, 0xB3, 0x9B, 0x90, 0xDB, 0x57, 0x73, 0x3A, 0xED,
+ 0xB0, 0x23, 0x44, 0xAE, 0x41, 0x4F, 0x1F, 0x07, 0x42, 0x13, 0x23, 0x4C, 0xCB,
+ 0xFA, 0xF4, 0x14, 0xA4, 0xD5, 0xF7, 0x9E, 0x36, 0x7C, 0x5B, 0x9F, 0xA8, 0x3C,
+ 0xC1, 0x85, 0x5F, 0x74, 0xD2, 0x39, 0x2D, 0xFF, 0xD0, 0x84, 0xDF, 0xFB, 0xB3,
+ 0x20, 0x7A, 0x2E, 0x9B, 0x17, 0xAE, 0xE6, 0xBA, 0x0B, 0xAE, 0x5F, 0x53, 0xA4,
+ 0x52, 0xED, 0x1B, 0xC4, 0x91, 0x02, 0x81, 0x81, 0x00, 0xEC, 0x98, 0xDA, 0xBB,
+ 0xD5, 0xFE, 0xF9, 0x52, 0x4A, 0x7D, 0x02, 0x55, 0x49, 0x6F, 0x55, 0x6E, 0x52,
+ 0x2F, 0x84, 0xA3, 0x2B, 0xB3, 0x86, 0x62, 0xB3, 0x54, 0xD2, 0x63, 0x52, 0xDA,
+ 0xE3, 0x88, 0x76, 0xA0, 0xEF, 0x8B, 0x15, 0xA5, 0xD3, 0x18, 0x14, 0x72, 0x77,
+ 0x5E, 0xC7, 0xA3, 0x04, 0x1F, 0x9E, 0x19, 0x62, 0xB5, 0x1B, 0x1B, 0x9E, 0xC3,
+ 0xF2, 0xB5, 0x32, 0xF9, 0x4C, 0xC1, 0xAA, 0xEB, 0x0C, 0x26, 0x7D, 0xD4, 0x5F,
+ 0x4A, 0x51, 0x5C, 0xA4, 0x45, 0x06, 0x70, 0x44, 0xA7, 0x56, 0xC0, 0xD4, 0x22,
+ 0x14, 0x76, 0x9E, 0xD8, 0x63, 0x50, 0x89, 0x90, 0xD3, 0xE2, 0xBF, 0x81, 0x95,
+ 0x92, 0x31, 0x41, 0x87, 0x39, 0x1A, 0x43, 0x0B, 0x18, 0xA5, 0x53, 0x1F, 0x39,
+ 0x1A, 0x5F, 0x1F, 0x43, 0xBC, 0x87, 0x6A, 0xDF, 0x6E, 0xD3, 0x22, 0x00, 0xFE,
+ 0x22, 0x98, 0x70, 0x4E, 0x1A, 0x19, 0x29, 0x02, 0x81, 0x81, 0x00, 0x8A, 0x41,
+ 0x56, 0x28, 0x51, 0x9E, 0x5F, 0xD4, 0x9E, 0x0B, 0x3B, 0x98, 0xA3, 0x54, 0xF2,
+ 0x6C, 0x56, 0xD4, 0xAA, 0xE9, 0x69, 0x33, 0x85, 0x24, 0x0C, 0xDA, 0xD4, 0x0C,
+ 0x2D, 0xC4, 0xBF, 0x4F, 0x02, 0x69, 0x38, 0x7C, 0xD4, 0xE6, 0xDC, 0x4C, 0xED,
+ 0xD7, 0x16, 0x11, 0xC3, 0x3E, 0x00, 0xE7, 0xC3, 0x26, 0xC0, 0x51, 0x02, 0xDE,
+ 0xBB, 0x75, 0x9C, 0x6F, 0x56, 0x9C, 0x7A, 0xF3, 0x8E, 0xEF, 0xCF, 0x8A, 0xC5,
+ 0x2B, 0xD2, 0xDA, 0x06, 0x6A, 0x44, 0xC9, 0x73, 0xFE, 0x6E, 0x99, 0x87, 0xF8,
+ 0x5B, 0xBE, 0xF1, 0x7C, 0xE6, 0x65, 0xB5, 0x4F, 0x6C, 0xF0, 0xC9, 0xC5, 0xFF,
+ 0x16, 0xCA, 0x8B, 0x1B, 0x17, 0xE2, 0x58, 0x3D, 0xA2, 0x37, 0xAB, 0x01, 0xBC,
+ 0xBF, 0x40, 0xCE, 0x53, 0x8C, 0x8E, 0xED, 0xEF, 0xEE, 0x59, 0x9D, 0xE0, 0x63,
+ 0xE6, 0x7C, 0x5E, 0xF5, 0x8E, 0x4B, 0xF1, 0x3B, 0xC1, 0x02, 0x81, 0x80, 0x4D,
+ 0x45, 0xF9, 0x40, 0x8C, 0xC5, 0x5B, 0xF4, 0x2A, 0x1A, 0x8A, 0xB4, 0xF2, 0x1C,
+ 0xAC, 0x6B, 0xE9, 0x0C, 0x56, 0x36, 0xB7, 0x4E, 0x72, 0x96, 0xD5, 0xE5, 0x8A,
+ 0xD2, 0xE2, 0xFF, 0xF1, 0xF1, 0x18, 0x13, 0x3D, 0x86, 0x09, 0xB8, 0xD8, 0x76,
+ 0xA7, 0xC9, 0x1C, 0x71, 0x52, 0x94, 0x30, 0x43, 0xE0, 0xF1, 0x78, 0x74, 0xFD,
+ 0x61, 0x1B, 0x4C, 0x09, 0xCC, 0xE6, 0x68, 0x2A, 0x71, 0xAD, 0x1C, 0xDF, 0x43,
+ 0xBC, 0x56, 0xDB, 0xA5, 0xA4, 0xBE, 0x35, 0x70, 0xA4, 0x5E, 0xCF, 0x4F, 0xFC,
+ 0x00, 0x55, 0x99, 0x3A, 0x3D, 0x23, 0xCF, 0x67, 0x5A, 0xF5, 0x22, 0xF8, 0xB5,
+ 0x29, 0xD0, 0x44, 0x11, 0xEB, 0x35, 0x2E, 0x46, 0xBE, 0xFD, 0x8E, 0x18, 0xB2,
+ 0x5F, 0xA8, 0xBF, 0x19, 0x32, 0xA1, 0xF5, 0xDC, 0x03, 0xE6, 0x7C, 0x9A, 0x1F,
+ 0x0C, 0x7C, 0xA9, 0xB0, 0x0E, 0x21, 0x37, 0x3B, 0xF1, 0xB0};
+
+uint8_t rsa_256_keydata[] = {
+ 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
+ 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A,
+ 0x02, 0x82, 0x01, 0x01, 0x00, 0xDB, 0x1C, 0x7F, 0x2E, 0x0B, 0xCD, 0xBF, 0xCE, 0xD1,
+ 0x75, 0x10, 0xA0, 0xA2, 0xB8, 0xCE, 0x7D, 0xAA, 0xE2, 0x05, 0xE0, 0x7A, 0xD8, 0x44,
+ 0x63, 0x8F, 0xB5, 0xBD, 0xC0, 0xB0, 0x19, 0xB9, 0x37, 0xB8, 0x19, 0x4A, 0x0E, 0xF1,
+ 0x5D, 0x74, 0x80, 0x67, 0x46, 0x87, 0x06, 0xDE, 0x5B, 0x7F, 0x06, 0x03, 0xBD, 0xC1,
+ 0x8D, 0x5E, 0x07, 0x15, 0xD4, 0x5B, 0xF4, 0xDC, 0xE5, 0xCF, 0x3D, 0xF9, 0xC1, 0x11,
+ 0x2C, 0xAE, 0x6A, 0xB9, 0x8A, 0xBD, 0x1D, 0x67, 0x66, 0x17, 0xEA, 0x4E, 0xBD, 0xDB,
+ 0x15, 0x9A, 0x82, 0x87, 0xE4, 0xF0, 0x78, 0xC3, 0xA3, 0x85, 0x87, 0xB0, 0xFD, 0x9F,
+ 0xA9, 0x99, 0x5F, 0xE3, 0x33, 0xEC, 0xCC, 0xEA, 0x0B, 0xB5, 0x61, 0x5E, 0xF1, 0x49,
+ 0x7E, 0x3F, 0xA3, 0x2D, 0xEA, 0x01, 0x0C, 0xCC, 0x42, 0x9A, 0x76, 0x9B, 0xC4, 0xD0,
+ 0x37, 0xD3, 0xB1, 0x17, 0x01, 0x61, 0x01, 0x16, 0x59, 0x7E, 0x1C, 0x17, 0xC3, 0x53,
+ 0xFD, 0xD1, 0x72, 0xCB, 0x4C, 0x60, 0x15, 0xDA, 0x7D, 0xE2, 0xEA, 0xAD, 0x50, 0xEF,
+ 0x8E, 0xE2, 0x8B, 0xD4, 0x6A, 0x77, 0x55, 0xD6, 0x70, 0xD9, 0x6B, 0xBB, 0xF1, 0xEE,
+ 0x39, 0x04, 0x38, 0xA3, 0xBD, 0xE2, 0xD1, 0xE0, 0x66, 0x6B, 0xE2, 0x9C, 0x47, 0x99,
+ 0xE9, 0x28, 0xE6, 0xB6, 0xFC, 0x2E, 0xCA, 0x67, 0x43, 0x84, 0xE8, 0xD5, 0x83, 0xD6,
+ 0x9D, 0x98, 0x6B, 0x01, 0x3E, 0x81, 0xDC, 0x3C, 0x7A, 0xCA, 0xF9, 0xF3, 0x9C, 0xF7,
+ 0xD6, 0x28, 0x1B, 0x27, 0x78, 0x7C, 0xC3, 0xD0, 0xD5, 0x63, 0xA7, 0x81, 0x34, 0x89,
+ 0xAD, 0x25, 0x6A, 0xBD, 0xF2, 0xEA, 0xED, 0xFA, 0x57, 0xFC, 0xE5, 0x34, 0xC6, 0xC1,
+ 0x0F, 0x71, 0x2D, 0xD2, 0x08, 0x10, 0x1B, 0xAD, 0x44, 0x41, 0xE0, 0xFE, 0x79, 0xA0,
+ 0x63, 0x93, 0x8A, 0xB1, 0x5D, 0xE9, 0xB0, 0xEE, 0x6F, 0x02, 0x03, 0x01, 0x00, 0x01};
+
+uint8_t ec_keydata[] = {
+ 0x30, 0x49, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06,
+ 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x01, 0x03, 0x32, 0x00, 0x04, 0xBC,
+ 0x79, 0x7D, 0xB3, 0xAE, 0x7F, 0x08, 0xEC, 0x3D, 0x49, 0x6B, 0x4F, 0xB4, 0x11, 0xB3,
+ 0xF6, 0x20, 0xA5, 0x58, 0xA5, 0x01, 0xE0, 0x22, 0x2D, 0x08, 0xCF, 0xE0, 0xDC, 0x8A,
+ 0xEC, 0x8B, 0x1A, 0x7B, 0xF2, 0x4B, 0xE9, 0x29, 0x51, 0xCC, 0x5B, 0xA1, 0xBE, 0xBB,
+ 0x24, 0x74, 0x90, 0x9A, 0xE0};
+
+uint8_t ec_keypair[] = {
+ 0x30, 0x5F, 0x02, 0x01, 0x01, 0x04, 0x18, 0x33, 0x8E, 0x86, 0xA8, 0x81, 0xE2, 0x38,
+ 0xF5, 0x49, 0xBD, 0x6F, 0x05, 0x53, 0x49, 0x4B, 0x73, 0xE3, 0xD6, 0x11, 0x30, 0xFD,
+ 0xC6, 0xC9, 0x6D, 0xA0, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01,
+ 0x01, 0xA1, 0x34, 0x03, 0x32, 0x00, 0x04, 0x51, 0x75, 0xBC, 0xDF, 0x30, 0xA3, 0x70,
+ 0xF3, 0x9D, 0x53, 0x93, 0xE6, 0x12, 0x72, 0x88, 0xD8, 0x01, 0x67, 0xB5, 0xF4, 0xB4,
+ 0xB7, 0x76, 0xC6, 0x74, 0xF7, 0xC6, 0xF3, 0x54, 0xB7, 0xD2, 0x24, 0x06, 0x2C, 0x1F,
+ 0x68, 0x54, 0xB5, 0xA7, 0xAF, 0x0F, 0xE5, 0x78, 0xEA, 0xF2, 0x58, 0xF0, 0x27};
+
+test_data check1[] = {
+{"Test psa_import_key 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_import_key 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
+{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
+ 0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9},
+ AES_24B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_import_key 32 Byte AES\n", 3, PSA_KEY_TYPE_AES,
+{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
+ 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
+ 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
+ AES_32B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(AES_32B_KEY_SIZE), AES_32B_KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_import_key 2048 RSA public key\n", 4, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+ {0},
+ 294, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ 2048, 294, PSA_SUCCESS
+},
+
+{"Test psa_import_key with RSA 2048 keypair\n", 5, PSA_KEY_TYPE_RSA_KEYPAIR,
+ {0},
+ 1193, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ 2048, 1193, PSA_SUCCESS
+},
+
+{"Test psa_import_key with DES 64 bit key\n", 6, PSA_KEY_TYPE_DES,
+ {0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
+ DES_8B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(DES_8B_KEY_SIZE), DES_8B_KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_import_key with Triple DES 2-Key\n", 7, PSA_KEY_TYPE_DES,
+{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+ DES3_2KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(DES3_2KEY_SIZE), DES3_2KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_import_key with Triple DES 3-Key\n", 8, PSA_KEY_TYPE_DES,
+{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
+ 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
+ DES3_3KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(DES3_3KEY_SIZE), DES3_3KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_import_key with EC Public key\n", 9,
+ PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | PSA_ECC_CURVE_SECP192R1,
+ {0},
+ 75, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ 192, 75, PSA_SUCCESS
+},
+
+{"Test psa_import_key with EC keypair\n", 10,
+ PSA_KEY_TYPE_ECC_KEYPAIR_BASE | PSA_ECC_CURVE_SECP192R1,
+ {0},
+ 97, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ 192, 97, PSA_SUCCESS
+},
+};
+
+
+test_data check2[] = {
+{"Test psa_import_key with key data greater than the algorithm size\n", 11, PSA_KEY_TYPE_AES,
+{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
+ 0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9, 0x05, 0xC9, 0xED,
+ 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
+ AES_34B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(AES_34B_KEY_SIZE), AES_34B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_import_key with incorrect key data size\n", 12, PSA_KEY_TYPE_AES,
+{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
+ 0x40, 0xAC, 0xA3, 0x90},
+AES_18B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+BYTES_TO_BITS(AES_18B_KEY_SIZE), AES_18B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_import_key with incorrect key type\n", 13, PSA_KEY_TYPE_VENDOR_FLAG,
+{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
+ 0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9},
+AES_24B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_ERROR_NOT_SUPPORTED,
+},
+
+{"Test psa_import_key with already occupied key slot\n", 1, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_OCCUPIED_SLOT
+},
+
+{"Test psa_import_key with invalid key slot\n", INVALID_KEY_SLOT, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_import_key with zero key slot\n", ZERO_KEY_SLOT, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+},
+};
diff --git a/psa-ff/test_suites/crypto/test_c002/test_entry.c b/psa-ff/test_suites/crypto/test_c002/test_entry.c
new file mode 100644
index 0000000..e52be28
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c002/test_entry.c
@@ -0,0 +1,69 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c002.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 2)
+#define TEST_DESC "Testing crypto key management APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t i, status = VAL_STATUS_SUCCESS;
+ bool_t destroy_status = TRUE;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c002_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->print(PRINT_DEBUG, "\tPSA destroy all the key slot\n", 0);
+ for (i = 1; i <= MAX_KEY_SLOT; i++)
+ {
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, i);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA destroy key failed for slot number: %d\n", i);
+ destroy_status = FALSE;
+ }
+ }
+
+ if (destroy_status)
+ {
+ val->print(PRINT_DEBUG, "\tPSA all the key slot successfully destroyed\n", 0);
+ }
+
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/crypto/test_c003/source.mk b/psa-ff/test_suites/crypto/test_c003/source.mk
new file mode 100644
index 0000000..350748f
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c003/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c003.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/crypto/test_c003/test_c003.c b/psa-ff/test_suites/crypto/test_c003/test_c003.c
new file mode 100644
index 0000000..661391b
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c003/test_c003.c
@@ -0,0 +1,218 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_c003.h"
+#include "test_data.h"
+
+client_test_t test_c003_crypto_list[] = {
+ NULL,
+ psa_export_key_test,
+ psa_export_key_negative_test,
+ NULL,
+};
+
+int g_test_count;
+
+int32_t psa_export_key_test(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ uint32_t length, i, j;
+ uint8_t data[BUFFER_SIZE];
+ uint8_t *key_data;
+ psa_key_policy_t policy;
+ psa_key_type_t key_type;
+ size_t bits;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+
+ g_test_count = 1;
+
+ /* Initialize the PSA crypto library*/
+ if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_INIT_FAILED;
+ }
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Set the key data buffer to the input base on algorithm */
+ for (i = 0; i < num_checks; i++)
+ {
+ if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
+ {
+ if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keypair;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keypair;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ else
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keydata;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keydata;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ }
+ else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
+ {
+ if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
+ key_data = ec_keypair;
+ else
+ key_data = ec_keydata;
+ }
+ else
+ key_data = check1[i].key_data;
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_slot, &policy);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA set key policy failed\n", 0);
+ return status;
+ }
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_slot, check1[i].key_type,
+ key_data, check1[i].key_length);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA import key failed\n", 0);
+ return status;
+ }
+
+ /* Get basic metadata about a key */
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check1[i].key_slot,
+ &key_type, &bits);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA get key information failed\n", 0);
+ return status;
+ }
+
+ if (key_type != check1[i].key_type)
+ {
+ val->print(PRINT_ERROR, "\tPSA mismatch key type\n", 0);
+ return status;
+ }
+
+ if (bits != check1[i].expected_bit_length)
+ {
+ val->print(PRINT_ERROR, "\tStored key length mismatch\n", 0);
+ return VAL_STATUS_INVALID_SIZE;
+ }
+
+ /* Export a key in binary format */
+ status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, check1[i].key_slot, data,
+ BUFFER_SIZE, &length);
+ if (status != check1[i].expected_status)
+ {
+ val->print(PRINT_ERROR, "\tPSA export key failed\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ continue;
+
+ if (length != check1[i].expected_key_length)
+ {
+ val->print(PRINT_ERROR, "\tKey length mismatch\n", 0);
+ return VAL_STATUS_INVALID_SIZE;
+ }
+
+ /* Check if original key data matches with the exported data */
+ if (val->crypto_key_type_is_raw(check1[i].key_type))
+ {
+ for (j = 0; j < length; j++)
+ {
+ if (check1[i].key_data[j] != data[j])
+ {
+ val->print(PRINT_ERROR, "\tKey data mismatch\n", 0);
+ return VAL_STATUS_DATA_MISMATCH;
+ }
+ }
+ }
+ else if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type) || PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
+ {
+ for (j = 0; j < length; j++)
+ {
+ if (key_data[j] != data[j])
+ {
+ val->print(PRINT_ERROR, "\tKey data mismatch\n", 0);
+ return VAL_STATUS_DATA_MISMATCH;
+ }
+ }
+ }
+ else
+ {
+ return VAL_STATUS_INVALID;
+ }
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_export_key_negative_test(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ int num_checks = sizeof(check2)/sizeof(check2[0]);
+ uint32_t i, length;
+ uint8_t data[BUFFER_SIZE];
+
+ /* Initialize the PSA crypto library*/
+ if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_INIT_FAILED;
+ }
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check2[i].test_desc, 0);
+
+ /* Export a key in binary format */
+ status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, check2[i].key_slot, data,
+ check2[i].key_length, &length);
+ if (check2[i].expected_status != status)
+ {
+ val->print(PRINT_ERROR, "\tPSA export key should have failed but succeeded\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+ }
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/psa-ff/test_suites/crypto/test_c003/test_c003.h b/psa-ff/test_suites/crypto/test_c003/test_c003.h
new file mode 100644
index 0000000..0f81b55
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c003/test_c003.h
@@ -0,0 +1,34 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C003_CLIENT_TESTS_H_
+#define _TEST_C003_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+#include "val_crypto.h"
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c003_crypto_list[];
+
+int32_t psa_export_key_test(security_t caller);
+int32_t psa_export_key_negative_test(security_t caller);
+#endif /* _TEST_C003_CLIENT_TESTS_H_ */
diff --git a/psa-ff/test_suites/crypto/test_c003/test_data.h b/psa-ff/test_suites/crypto/test_c003/test_data.h
new file mode 100644
index 0000000..a560c63
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c003/test_data.h
@@ -0,0 +1,274 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+#define EMPTY_KEY_SLOT 31
+
+typedef struct {
+ char test_desc[75];
+ psa_key_slot_t key_slot;
+ psa_key_type_t key_type;
+ uint8_t key_data[34];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ uint32_t expected_bit_length;
+ uint32_t expected_key_length;
+ psa_status_t expected_status;
+} test_data;
+
+uint8_t rsa_384_keypair[1];
+uint8_t rsa_384_keydata[1];
+uint8_t rsa_256_keypair[] = {
+ 0x30, 0x82, 0x04, 0xA5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC0,
+ 0x95, 0x08, 0xE1, 0x57, 0x41, 0xF2, 0x71, 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27,
+ 0x01, 0x65, 0xC6, 0x45, 0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, 0x2F,
+ 0x4E, 0xD6, 0xF6, 0x1C, 0x88, 0xBC, 0x7C, 0x9F, 0xFB, 0xA8, 0x67, 0x7F, 0xFE,
+ 0x5C, 0x9C, 0x51, 0x75, 0xF7, 0x8A, 0xCA, 0x07, 0xE7, 0x35, 0x2F, 0x8F, 0xE1,
+ 0xBD, 0x7B, 0xC0, 0x2F, 0x7C, 0xAB, 0x64, 0xA8, 0x17, 0xFC, 0xCA, 0x5D, 0x7B,
+ 0xBA, 0xE0, 0x21, 0xE5, 0x72, 0x2E, 0x6F, 0x2E, 0x86, 0xD8, 0x95, 0x73, 0xDA,
+ 0xAC, 0x1B, 0x53, 0xB9, 0x5F, 0x3F, 0xD7, 0x19, 0x0D, 0x25, 0x4F, 0xE1, 0x63,
+ 0x63, 0x51, 0x8B, 0x0B, 0x64, 0x3F, 0xAD, 0x43, 0xB8, 0xA5, 0x1C, 0x5C, 0x34,
+ 0xB3, 0xAE, 0x00, 0xA0, 0x63, 0xC5, 0xF6, 0x7F, 0x0B, 0x59, 0x68, 0x78, 0x73,
+ 0xA6, 0x8C, 0x18, 0xA9, 0x02, 0x6D, 0xAF, 0xC3, 0x19, 0x01, 0x2E, 0xB8, 0x10,
+ 0xE3, 0xC6, 0xCC, 0x40, 0xB4, 0x69, 0xA3, 0x46, 0x33, 0x69, 0x87, 0x6E, 0xC4,
+ 0xBB, 0x17, 0xA6, 0xF3, 0xE8, 0xDD, 0xAD, 0x73, 0xBC, 0x7B, 0x2F, 0x21, 0xB5,
+ 0xFD, 0x66, 0x51, 0x0C, 0xBD, 0x54, 0xB3, 0xE1, 0x6D, 0x5F, 0x1C, 0xBC, 0x23,
+ 0x73, 0xD1, 0x09, 0x03, 0x89, 0x14, 0xD2, 0x10, 0xB9, 0x64, 0xC3, 0x2A, 0xD0,
+ 0xA1, 0x96, 0x4A, 0xBC, 0xE1, 0xD4, 0x1A, 0x5B, 0xC7, 0xA0, 0xC0, 0xC1, 0x63,
+ 0x78, 0x0F, 0x44, 0x37, 0x30, 0x32, 0x96, 0x80, 0x32, 0x23, 0x95, 0xA1, 0x77,
+ 0xBA, 0x13, 0xD2, 0x97, 0x73, 0xE2, 0x5D, 0x25, 0xC9, 0x6A, 0x0D, 0xC3, 0x39,
+ 0x60, 0xA4, 0xB4, 0xB0, 0x69, 0x42, 0x42, 0x09, 0xE9, 0xD8, 0x08, 0xBC, 0x33,
+ 0x20, 0xB3, 0x58, 0x22, 0xA7, 0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61, 0x83, 0xC5,
+ 0xD2, 0x96, 0xDF, 0xD9, 0xD0, 0x4F, 0xAD, 0xD7, 0x02, 0x03, 0x01, 0x00, 0x01,
+ 0x02, 0x82, 0x01, 0x01, 0x00, 0x9A, 0xD0, 0x34, 0x0F, 0x52, 0x62, 0x05, 0x50,
+ 0x01, 0xEF, 0x9F, 0xED, 0x64, 0x6E, 0xC2, 0xC4, 0xDA, 0x1A, 0xF2, 0x84, 0xD7,
+ 0x92, 0x10, 0x48, 0x92, 0xC4, 0xE9, 0x6A, 0xEB, 0x8B, 0x75, 0x6C, 0xC6, 0x79,
+ 0x38, 0xF2, 0xC9, 0x72, 0x4A, 0x86, 0x64, 0x54, 0x95, 0x77, 0xCB, 0xC3, 0x9A,
+ 0x9D, 0xB7, 0xD4, 0x1D, 0xA4, 0x00, 0xC8, 0x9E, 0x4E, 0xE4, 0xDD, 0xC7, 0xBA,
+ 0x67, 0x16, 0xC1, 0x74, 0xBC, 0xA9, 0xD6, 0x94, 0x8F, 0x2B, 0x30, 0x1A, 0xFB,
+ 0xED, 0xDF, 0x21, 0x05, 0x23, 0xD9, 0x4A, 0x39, 0xBD, 0x98, 0x6B, 0x65, 0x9A,
+ 0xB8, 0xDC, 0xC4, 0x7D, 0xEE, 0xA6, 0x43, 0x15, 0x2E, 0x3D, 0xBE, 0x1D, 0x22,
+ 0x60, 0x2A, 0x73, 0x30, 0xD5, 0x3E, 0xD8, 0xA2, 0xAC, 0x86, 0x43, 0x2E, 0xC4,
+ 0xF5, 0x64, 0x5E, 0x3F, 0x89, 0x75, 0x0F, 0x11, 0xD8, 0x51, 0x25, 0x4E, 0x9F,
+ 0xD8, 0xAA, 0xA3, 0xCE, 0x60, 0xB3, 0xE2, 0x8A, 0xD9, 0x7E, 0x1B, 0xF0, 0x64,
+ 0xCA, 0x9A, 0x5B, 0x05, 0x0B, 0x5B, 0xAA, 0xCB, 0xE5, 0xE3, 0x3F, 0x6E, 0x32,
+ 0x22, 0x05, 0xF3, 0xD0, 0xFA, 0xEF, 0x74, 0x52, 0x81, 0xE2, 0x5F, 0x74, 0xD3,
+ 0xBD, 0xFF, 0x31, 0x83, 0x45, 0x75, 0xFA, 0x63, 0x7A, 0x97, 0x2E, 0xD6, 0xB6,
+ 0x19, 0xC6, 0x92, 0x26, 0xE4, 0x28, 0x06, 0x50, 0x50, 0x0E, 0x78, 0x2E, 0xA9,
+ 0x78, 0x0D, 0x14, 0x97, 0xB4, 0x12, 0xD8, 0x31, 0x40, 0xAB, 0xA1, 0x01, 0x41,
+ 0xC2, 0x30, 0xF8, 0x07, 0x5F, 0x16, 0xE4, 0x61, 0x77, 0xD2, 0x60, 0xF2, 0x9F,
+ 0x8D, 0xE8, 0xF4, 0xBA, 0xEB, 0x63, 0xDE, 0x2A, 0x97, 0x81, 0xEF, 0x4C, 0x6C,
+ 0xE6, 0x55, 0x34, 0x51, 0x2B, 0x28, 0x34, 0xF4, 0x53, 0x1C, 0xC4, 0x58, 0x0A,
+ 0x3F, 0xBB, 0xAF, 0xB5, 0xF7, 0x4A, 0x85, 0x43, 0x2D, 0x3C, 0xF1, 0x58, 0x58,
+ 0x81, 0x02, 0x81, 0x81, 0x00, 0xF2, 0x2C, 0x54, 0x76, 0x39, 0x23, 0x63, 0xC9,
+ 0x10, 0x32, 0xB7, 0x93, 0xAD, 0xAF, 0xBE, 0x19, 0x75, 0x96, 0x81, 0x64, 0xE6,
+ 0xB5, 0xB8, 0x89, 0x42, 0x41, 0xD1, 0x6D, 0xD0, 0x1C, 0x1B, 0xF8, 0x1B, 0xAC,
+ 0x69, 0xCB, 0x36, 0x3C, 0x64, 0x7D, 0xDC, 0xF4, 0x19, 0xB8, 0xC3, 0x60, 0xB1,
+ 0x57, 0x48, 0x5F, 0x52, 0x4F, 0x59, 0x3A, 0x55, 0x7F, 0x32, 0xC0, 0x19, 0x43,
+ 0x50, 0x3F, 0xAE, 0xCE, 0x6F, 0x17, 0xF3, 0x0E, 0x9F, 0x40, 0xCA, 0x4E, 0xAD,
+ 0x15, 0x3B, 0xC9, 0x79, 0xE9, 0xC0, 0x59, 0x38, 0x73, 0x70, 0x9C, 0x0A, 0x7C,
+ 0xC9, 0x3A, 0x48, 0x32, 0xA7, 0xD8, 0x49, 0x75, 0x0A, 0x85, 0xC2, 0xC2, 0xFD,
+ 0x15, 0x73, 0xDA, 0x99, 0x09, 0x2A, 0x69, 0x9A, 0x9F, 0x0A, 0x71, 0xBF, 0xB0,
+ 0x04, 0xA6, 0x8C, 0x7A, 0x5A, 0x6F, 0x48, 0x5A, 0x54, 0x3B, 0xC6, 0xB1, 0x53,
+ 0x17, 0xDF, 0xE7, 0x02, 0x81, 0x81, 0x00, 0xCB, 0x93, 0xDE, 0x77, 0x15, 0x5D,
+ 0xB7, 0x5C, 0x5C, 0x7C, 0xD8, 0x90, 0xA9, 0x98, 0x2D, 0xD6, 0x69, 0x0E, 0x63,
+ 0xB3, 0xA3, 0xDC, 0xA6, 0xCC, 0x8B, 0x6A, 0xA4, 0xA2, 0x12, 0x8C, 0x8E, 0x7B,
+ 0x48, 0x2C, 0xB2, 0x4B, 0x37, 0xDC, 0x06, 0x18, 0x7D, 0xEA, 0xFE, 0x76, 0xA1,
+ 0xD4, 0xA1, 0xE9, 0x3F, 0x0D, 0xCD, 0x1B, 0x5F, 0xAF, 0x5F, 0x9E, 0x96, 0x5B,
+ 0x5B, 0x0F, 0xA1, 0x7C, 0xAF, 0xB3, 0x9B, 0x90, 0xDB, 0x57, 0x73, 0x3A, 0xED,
+ 0xB0, 0x23, 0x44, 0xAE, 0x41, 0x4F, 0x1F, 0x07, 0x42, 0x13, 0x23, 0x4C, 0xCB,
+ 0xFA, 0xF4, 0x14, 0xA4, 0xD5, 0xF7, 0x9E, 0x36, 0x7C, 0x5B, 0x9F, 0xA8, 0x3C,
+ 0xC1, 0x85, 0x5F, 0x74, 0xD2, 0x39, 0x2D, 0xFF, 0xD0, 0x84, 0xDF, 0xFB, 0xB3,
+ 0x20, 0x7A, 0x2E, 0x9B, 0x17, 0xAE, 0xE6, 0xBA, 0x0B, 0xAE, 0x5F, 0x53, 0xA4,
+ 0x52, 0xED, 0x1B, 0xC4, 0x91, 0x02, 0x81, 0x81, 0x00, 0xEC, 0x98, 0xDA, 0xBB,
+ 0xD5, 0xFE, 0xF9, 0x52, 0x4A, 0x7D, 0x02, 0x55, 0x49, 0x6F, 0x55, 0x6E, 0x52,
+ 0x2F, 0x84, 0xA3, 0x2B, 0xB3, 0x86, 0x62, 0xB3, 0x54, 0xD2, 0x63, 0x52, 0xDA,
+ 0xE3, 0x88, 0x76, 0xA0, 0xEF, 0x8B, 0x15, 0xA5, 0xD3, 0x18, 0x14, 0x72, 0x77,
+ 0x5E, 0xC7, 0xA3, 0x04, 0x1F, 0x9E, 0x19, 0x62, 0xB5, 0x1B, 0x1B, 0x9E, 0xC3,
+ 0xF2, 0xB5, 0x32, 0xF9, 0x4C, 0xC1, 0xAA, 0xEB, 0x0C, 0x26, 0x7D, 0xD4, 0x5F,
+ 0x4A, 0x51, 0x5C, 0xA4, 0x45, 0x06, 0x70, 0x44, 0xA7, 0x56, 0xC0, 0xD4, 0x22,
+ 0x14, 0x76, 0x9E, 0xD8, 0x63, 0x50, 0x89, 0x90, 0xD3, 0xE2, 0xBF, 0x81, 0x95,
+ 0x92, 0x31, 0x41, 0x87, 0x39, 0x1A, 0x43, 0x0B, 0x18, 0xA5, 0x53, 0x1F, 0x39,
+ 0x1A, 0x5F, 0x1F, 0x43, 0xBC, 0x87, 0x6A, 0xDF, 0x6E, 0xD3, 0x22, 0x00, 0xFE,
+ 0x22, 0x98, 0x70, 0x4E, 0x1A, 0x19, 0x29, 0x02, 0x81, 0x81, 0x00, 0x8A, 0x41,
+ 0x56, 0x28, 0x51, 0x9E, 0x5F, 0xD4, 0x9E, 0x0B, 0x3B, 0x98, 0xA3, 0x54, 0xF2,
+ 0x6C, 0x56, 0xD4, 0xAA, 0xE9, 0x69, 0x33, 0x85, 0x24, 0x0C, 0xDA, 0xD4, 0x0C,
+ 0x2D, 0xC4, 0xBF, 0x4F, 0x02, 0x69, 0x38, 0x7C, 0xD4, 0xE6, 0xDC, 0x4C, 0xED,
+ 0xD7, 0x16, 0x11, 0xC3, 0x3E, 0x00, 0xE7, 0xC3, 0x26, 0xC0, 0x51, 0x02, 0xDE,
+ 0xBB, 0x75, 0x9C, 0x6F, 0x56, 0x9C, 0x7A, 0xF3, 0x8E, 0xEF, 0xCF, 0x8A, 0xC5,
+ 0x2B, 0xD2, 0xDA, 0x06, 0x6A, 0x44, 0xC9, 0x73, 0xFE, 0x6E, 0x99, 0x87, 0xF8,
+ 0x5B, 0xBE, 0xF1, 0x7C, 0xE6, 0x65, 0xB5, 0x4F, 0x6C, 0xF0, 0xC9, 0xC5, 0xFF,
+ 0x16, 0xCA, 0x8B, 0x1B, 0x17, 0xE2, 0x58, 0x3D, 0xA2, 0x37, 0xAB, 0x01, 0xBC,
+ 0xBF, 0x40, 0xCE, 0x53, 0x8C, 0x8E, 0xED, 0xEF, 0xEE, 0x59, 0x9D, 0xE0, 0x63,
+ 0xE6, 0x7C, 0x5E, 0xF5, 0x8E, 0x4B, 0xF1, 0x3B, 0xC1, 0x02, 0x81, 0x80, 0x4D,
+ 0x45, 0xF9, 0x40, 0x8C, 0xC5, 0x5B, 0xF4, 0x2A, 0x1A, 0x8A, 0xB4, 0xF2, 0x1C,
+ 0xAC, 0x6B, 0xE9, 0x0C, 0x56, 0x36, 0xB7, 0x4E, 0x72, 0x96, 0xD5, 0xE5, 0x8A,
+ 0xD2, 0xE2, 0xFF, 0xF1, 0xF1, 0x18, 0x13, 0x3D, 0x86, 0x09, 0xB8, 0xD8, 0x76,
+ 0xA7, 0xC9, 0x1C, 0x71, 0x52, 0x94, 0x30, 0x43, 0xE0, 0xF1, 0x78, 0x74, 0xFD,
+ 0x61, 0x1B, 0x4C, 0x09, 0xCC, 0xE6, 0x68, 0x2A, 0x71, 0xAD, 0x1C, 0xDF, 0x43,
+ 0xBC, 0x56, 0xDB, 0xA5, 0xA4, 0xBE, 0x35, 0x70, 0xA4, 0x5E, 0xCF, 0x4F, 0xFC,
+ 0x00, 0x55, 0x99, 0x3A, 0x3D, 0x23, 0xCF, 0x67, 0x5A, 0xF5, 0x22, 0xF8, 0xB5,
+ 0x29, 0xD0, 0x44, 0x11, 0xEB, 0x35, 0x2E, 0x46, 0xBE, 0xFD, 0x8E, 0x18, 0xB2,
+ 0x5F, 0xA8, 0xBF, 0x19, 0x32, 0xA1, 0xF5, 0xDC, 0x03, 0xE6, 0x7C, 0x9A, 0x1F,
+ 0x0C, 0x7C, 0xA9, 0xB0, 0x0E, 0x21, 0x37, 0x3B, 0xF1, 0xB0};
+
+uint8_t rsa_256_keydata[] = {
+ 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
+ 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A,
+ 0x02, 0x82, 0x01, 0x01, 0x00, 0xDB, 0x1C, 0x7F, 0x2E, 0x0B, 0xCD, 0xBF, 0xCE, 0xD1,
+ 0x75, 0x10, 0xA0, 0xA2, 0xB8, 0xCE, 0x7D, 0xAA, 0xE2, 0x05, 0xE0, 0x7A, 0xD8, 0x44,
+ 0x63, 0x8F, 0xB5, 0xBD, 0xC0, 0xB0, 0x19, 0xB9, 0x37, 0xB8, 0x19, 0x4A, 0x0E, 0xF1,
+ 0x5D, 0x74, 0x80, 0x67, 0x46, 0x87, 0x06, 0xDE, 0x5B, 0x7F, 0x06, 0x03, 0xBD, 0xC1,
+ 0x8D, 0x5E, 0x07, 0x15, 0xD4, 0x5B, 0xF4, 0xDC, 0xE5, 0xCF, 0x3D, 0xF9, 0xC1, 0x11,
+ 0x2C, 0xAE, 0x6A, 0xB9, 0x8A, 0xBD, 0x1D, 0x67, 0x66, 0x17, 0xEA, 0x4E, 0xBD, 0xDB,
+ 0x15, 0x9A, 0x82, 0x87, 0xE4, 0xF0, 0x78, 0xC3, 0xA3, 0x85, 0x87, 0xB0, 0xFD, 0x9F,
+ 0xA9, 0x99, 0x5F, 0xE3, 0x33, 0xEC, 0xCC, 0xEA, 0x0B, 0xB5, 0x61, 0x5E, 0xF1, 0x49,
+ 0x7E, 0x3F, 0xA3, 0x2D, 0xEA, 0x01, 0x0C, 0xCC, 0x42, 0x9A, 0x76, 0x9B, 0xC4, 0xD0,
+ 0x37, 0xD3, 0xB1, 0x17, 0x01, 0x61, 0x01, 0x16, 0x59, 0x7E, 0x1C, 0x17, 0xC3, 0x53,
+ 0xFD, 0xD1, 0x72, 0xCB, 0x4C, 0x60, 0x15, 0xDA, 0x7D, 0xE2, 0xEA, 0xAD, 0x50, 0xEF,
+ 0x8E, 0xE2, 0x8B, 0xD4, 0x6A, 0x77, 0x55, 0xD6, 0x70, 0xD9, 0x6B, 0xBB, 0xF1, 0xEE,
+ 0x39, 0x04, 0x38, 0xA3, 0xBD, 0xE2, 0xD1, 0xE0, 0x66, 0x6B, 0xE2, 0x9C, 0x47, 0x99,
+ 0xE9, 0x28, 0xE6, 0xB6, 0xFC, 0x2E, 0xCA, 0x67, 0x43, 0x84, 0xE8, 0xD5, 0x83, 0xD6,
+ 0x9D, 0x98, 0x6B, 0x01, 0x3E, 0x81, 0xDC, 0x3C, 0x7A, 0xCA, 0xF9, 0xF3, 0x9C, 0xF7,
+ 0xD6, 0x28, 0x1B, 0x27, 0x78, 0x7C, 0xC3, 0xD0, 0xD5, 0x63, 0xA7, 0x81, 0x34, 0x89,
+ 0xAD, 0x25, 0x6A, 0xBD, 0xF2, 0xEA, 0xED, 0xFA, 0x57, 0xFC, 0xE5, 0x34, 0xC6, 0xC1,
+ 0x0F, 0x71, 0x2D, 0xD2, 0x08, 0x10, 0x1B, 0xAD, 0x44, 0x41, 0xE0, 0xFE, 0x79, 0xA0,
+ 0x63, 0x93, 0x8A, 0xB1, 0x5D, 0xE9, 0xB0, 0xEE, 0x6F, 0x02, 0x03, 0x01, 0x00, 0x01};
+
+uint8_t ec_keydata[] = {
+ 0x30, 0x49, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06,
+ 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x01, 0x03, 0x32, 0x00, 0x04, 0xBC,
+ 0x79, 0x7D, 0xB3, 0xAE, 0x7F, 0x08, 0xEC, 0x3D, 0x49, 0x6B, 0x4F, 0xB4, 0x11, 0xB3,
+ 0xF6, 0x20, 0xA5, 0x58, 0xA5, 0x01, 0xE0, 0x22, 0x2D, 0x08, 0xCF, 0xE0, 0xDC, 0x8A,
+ 0xEC, 0x8B, 0x1A, 0x7B, 0xF2, 0x4B, 0xE9, 0x29, 0x51, 0xCC, 0x5B, 0xA1, 0xBE, 0xBB,
+ 0x24, 0x74, 0x90, 0x9A, 0xE0};
+
+uint8_t ec_keypair[] = {
+ 0x30, 0x5F, 0x02, 0x01, 0x01, 0x04, 0x18, 0x33, 0x8E, 0x86, 0xA8, 0x81, 0xE2, 0x38,
+ 0xF5, 0x49, 0xBD, 0x6F, 0x05, 0x53, 0x49, 0x4B, 0x73, 0xE3, 0xD6, 0x11, 0x30, 0xFD,
+ 0xC6, 0xC9, 0x6D, 0xA0, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01,
+ 0x01, 0xA1, 0x34, 0x03, 0x32, 0x00, 0x04, 0x51, 0x75, 0xBC, 0xDF, 0x30, 0xA3, 0x70,
+ 0xF3, 0x9D, 0x53, 0x93, 0xE6, 0x12, 0x72, 0x88, 0xD8, 0x01, 0x67, 0xB5, 0xF4, 0xB4,
+ 0xB7, 0x76, 0xC6, 0x74, 0xF7, 0xC6, 0xF3, 0x54, 0xB7, 0xD2, 0x24, 0x06, 0x2C, 0x1F,
+ 0x68, 0x54, 0xB5, 0xA7, 0xAF, 0x0F, 0xE5, 0x78, 0xEA, 0xF2, 0x58, 0xF0, 0x27};
+
+test_data check1[] = {
+{"Test psa_export_key 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_export_key 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
+{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
+ 0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9},
+ AES_24B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_export_key 32 Byte AES\n", 3, PSA_KEY_TYPE_AES,
+{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
+ 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
+ 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
+ AES_32B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(AES_32B_KEY_SIZE), AES_32B_KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_export_key 2048 RSA public key\n", 4, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+ {0},
+ 294, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ 2048, 294, PSA_SUCCESS
+},
+
+{"Test psa_export_key with RSA 2048 keypair\n", 5, PSA_KEY_TYPE_RSA_KEYPAIR,
+ {0},
+ 1193, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ 2048, 1193, PSA_SUCCESS
+},
+
+{"Test psa_export_key with DES 64 bit key\n", 6, PSA_KEY_TYPE_DES,
+ {0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
+ DES_8B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(DES_8B_KEY_SIZE), DES_8B_KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_export_key with Triple DES 2-Key\n", 7, PSA_KEY_TYPE_DES,
+{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+ DES3_2KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(DES3_2KEY_SIZE), DES3_2KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_export_key with Triple DES 3-Key\n", 8, PSA_KEY_TYPE_DES,
+{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
+ 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
+ DES3_3KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(DES3_3KEY_SIZE), DES3_3KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_export_key with EC Public key\n", 9,
+ PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | PSA_ECC_CURVE_SECP192R1,
+ {0},
+ 75, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ 192, 75, PSA_SUCCESS
+},
+
+{"Test psa_export_key with EC keypair\n", 10,
+ PSA_KEY_TYPE_ECC_KEYPAIR_BASE | PSA_ECC_CURVE_SECP192R1,
+ {0},
+ 97, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ 192, 97, PSA_SUCCESS
+},
+
+{"Test psa_export_key with key policy verify\n", 11, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_VERIFY, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_NOT_PERMITTED
+},
+};
+
+
+test_data check2[] = {
+{"Test psa_export_key with invalid key slot\n", INVALID_KEY_SLOT, PSA_KEY_TYPE_AES,
+{0},
+AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_export_key with zero key slot\n", ZERO_KEY_SLOT, PSA_KEY_TYPE_AES,
+{0},
+AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_export_key with less buffer size\n", 1, PSA_KEY_TYPE_AES,
+{0},
+14, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_BUFFER_TOO_SMALL
+},
+
+{"Test psa_export_key with empty key slot\n", EMPTY_KEY_SLOT, PSA_KEY_TYPE_AES,
+{0},
+AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_EMPTY_SLOT
+},
+};
diff --git a/psa-ff/test_suites/crypto/test_c003/test_entry.c b/psa-ff/test_suites/crypto/test_c003/test_entry.c
new file mode 100644
index 0000000..cba7066
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c003/test_entry.c
@@ -0,0 +1,69 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c003.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 3)
+#define TEST_DESC "Testing crypto key management APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t i, status = VAL_STATUS_SUCCESS;
+ bool_t destroy_status = TRUE;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c003_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->print(PRINT_DEBUG, "\tPSA destroy all the key slot\n", 0);
+ for (i = 1; i <= MAX_KEY_SLOT; i++)
+ {
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, i);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA destroy key failed for slot number: %d\n", i);
+ destroy_status = FALSE;
+ }
+ }
+
+ if (destroy_status)
+ {
+ val->print(PRINT_DEBUG, "\tPSA all the key slot successfully destroyed\n", 0);
+ }
+
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/crypto/test_c004/source.mk b/psa-ff/test_suites/crypto/test_c004/source.mk
new file mode 100644
index 0000000..559bf61
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c004/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c004.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/crypto/test_c004/test_c004.c b/psa-ff/test_suites/crypto/test_c004/test_c004.c
new file mode 100644
index 0000000..66c6839
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c004/test_c004.c
@@ -0,0 +1,225 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_c004.h"
+#include "test_data.h"
+
+client_test_t test_c004_crypto_list[] = {
+ NULL,
+ test_psa_export_public_key,
+ test_psa_export_public_key_slot,
+ NULL,
+};
+
+int g_test_count;
+
+int32_t test_psa_export_public_key(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ uint32_t length, i, j;
+ uint8_t data[BUFFER_SIZE];
+ uint8_t *key_data;
+ psa_key_policy_t policy;
+ psa_key_type_t key_type;
+ size_t bits;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+
+ g_test_count = 1;
+
+ /* Initialize the PSA crypto library*/
+ if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_INIT_FAILED;
+ }
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Set the key data buffer to the input base on algorithm */
+ for (i = 0; i < num_checks; i++)
+ {
+ if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
+ {
+ if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keypair;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keypair;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ else
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keydata;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keydata;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ }
+ else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
+ {
+ if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
+ key_data = ec_keypair;
+ else
+ key_data = ec_keydata;
+ }
+ else
+ key_data = check1[i].key_data;
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_slot, &policy);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA set key policy failed\n", 0);
+ return status;
+ }
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_slot, check1[i].key_type,
+ key_data, check1[i].key_length);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA import key failed\n", 0);
+ return status;
+ }
+
+ /* Get basic metadata about a key */
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check1[i].key_slot,
+ &key_type, &bits);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA get key information failed\n", 0);
+ return status;
+ }
+
+ if (key_type != check1[i].key_type)
+ {
+ val->print(PRINT_ERROR, "\tPSA mismatch key type\n", 0);
+ return status;
+ }
+
+ if (bits != check1[i].expected_bit_length)
+ {
+ val->print(PRINT_ERROR, "\tStored key length mismatch\n", 0);
+ return VAL_STATUS_INVALID_SIZE;
+ }
+
+ /* Export a key in binary format */
+ status = val->crypto_function(VAL_CRYPTO_EXPORT_PUBLIC_KEY, check1[i].key_slot, data,
+ BUFFER_SIZE, &length);
+ if (status != check1[i].expected_status)
+ {
+ val->print(PRINT_ERROR, "\tPSA export public key failed\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+
+ if (check1[i].expected_status != PSA_SUCCESS)
+ continue;
+
+ if (length != check1[i].expected_key_length)
+ {
+ val->print(PRINT_ERROR, "\tKey length mismatch\n", 0);
+ return VAL_STATUS_INVALID_SIZE;
+ }
+
+ /* Check if original key data matches with the exported data */
+ if (val->crypto_key_type_is_raw(check1[i].key_type))
+ {
+ for (j = 0; j < length; j++)
+ {
+ if (check1[i].key_data[j] != data[j])
+ {
+ val->print(PRINT_ERROR, "\tKey data mismatch\n", 0);
+ return VAL_STATUS_DATA_MISMATCH;
+ }
+ }
+ }
+ else if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type) || PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
+ {
+ if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
+ key_data = expected_rsa_256_pubprv;
+ else if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
+ key_data = expected_ec_pubprv;
+
+ for (j = 0; j < length; j++)
+ {
+ if (key_data[j] != data[j])
+ {
+ val->print(PRINT_ERROR, "\tKey data mismatch\n", 0);
+ return VAL_STATUS_DATA_MISMATCH;
+ }
+ }
+ }
+ else
+ {
+ return VAL_STATUS_INVALID;
+ }
+ }
+
+ return VAL_STATUS_SUCCESS;
+
+}
+
+int32_t test_psa_export_public_key_slot(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ int num_checks = sizeof(check2)/sizeof(check2[0]);
+ uint32_t i, length;
+ uint8_t data[BUFFER_SIZE];
+
+ /* Initialize the PSA crypto library*/
+ if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_INIT_FAILED;
+ }
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check2[i].test_desc, 0);
+
+ /* Export a key in binary format */
+ status = val->crypto_function(VAL_CRYPTO_EXPORT_PUBLIC_KEY, check2[i].key_slot, data,
+ check2[i].key_length, &length);
+ if (check2[i].expected_status != status)
+ {
+ val->print(PRINT_ERROR, "\tPSA export publickey should have failed but succeeded\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+ }
+ return VAL_STATUS_SUCCESS;
+}
+
diff --git a/psa-ff/test_suites/crypto/test_c004/test_c004.h b/psa-ff/test_suites/crypto/test_c004/test_c004.h
new file mode 100644
index 0000000..b355d33
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c004/test_c004.h
@@ -0,0 +1,34 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C004_CLIENT_TESTS_H_
+#define _TEST_C004_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+#include "val_crypto.h"
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c004_crypto_list[];
+
+int32_t test_psa_export_public_key(security_t caller);
+int32_t test_psa_export_public_key_slot(security_t caller);
+#endif /* _TEST_C004_CLIENT_TESTS_H_ */
diff --git a/psa-ff/test_suites/crypto/test_c004/test_data.h b/psa-ff/test_suites/crypto/test_c004/test_data.h
new file mode 100644
index 0000000..b446350
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c004/test_data.h
@@ -0,0 +1,309 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+#define EMPTY_KEY_SLOT 31
+
+typedef struct {
+ char test_desc[75];
+ psa_key_slot_t key_slot;
+ psa_key_type_t key_type;
+ uint8_t key_data[34];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ uint32_t expected_bit_length;
+ uint32_t expected_key_length;
+ psa_status_t expected_status;
+} test_data;
+
+uint8_t rsa_384_keypair[1];
+uint8_t rsa_384_keydata[1];
+uint8_t expected_rsa_256_pubprv[] = {
+0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7,
+0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82,
+0x01, 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC0, 0x95, 0x08, 0xE1, 0x57, 0x41,
+0xF2, 0x71, 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27, 0x01, 0x65, 0xC6, 0x45, 0xAE,
+0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, 0x2F, 0x4E, 0xD6, 0xF6, 0x1C, 0x88,
+0xBC, 0x7C, 0x9F, 0xFB, 0xA8, 0x67, 0x7F, 0xFE, 0x5C, 0x9C, 0x51, 0x75, 0xF7,
+0x8A, 0xCA, 0x07, 0xE7, 0x35, 0x2F, 0x8F, 0xE1, 0xBD, 0x7B, 0xC0, 0x2F, 0x7C,
+0xAB, 0x64, 0xA8, 0x17, 0xFC, 0xCA, 0x5D, 0x7B, 0xBA, 0xE0, 0x21, 0xE5, 0x72,
+0x2E, 0x6F, 0x2E, 0x86, 0xD8, 0x95, 0x73, 0xDA, 0xAC, 0x1B, 0x53, 0xB9, 0x5F,
+0x3F, 0xD7, 0x19, 0x0D, 0x25, 0x4F, 0xE1, 0x63, 0x63, 0x51, 0x8B, 0x0B, 0x64,
+0x3F, 0xAD, 0x43, 0xB8, 0xA5, 0x1C, 0x5C, 0x34, 0xB3, 0xAE, 0x00, 0xA0, 0x63,
+0xC5, 0xF6, 0x7F, 0x0B, 0x59, 0x68, 0x78, 0x73, 0xA6, 0x8C, 0x18, 0xA9, 0x02,
+0x6D, 0xAF, 0xC3, 0x19, 0x01, 0x2E, 0xB8, 0x10, 0xE3, 0xC6, 0xCC, 0x40, 0xB4,
+0x69, 0xA3, 0x46, 0x33, 0x69, 0x87, 0x6E, 0xC4, 0xBB, 0x17, 0xA6, 0xF3, 0xE8,
+0xDD, 0xAD, 0x73, 0xBC, 0x7B, 0x2F, 0x21, 0xB5, 0xFD, 0x66, 0x51, 0x0C, 0xBD,
+0x54, 0xB3, 0xE1, 0x6D, 0x5F, 0x1C, 0xBC, 0x23, 0x73, 0xD1, 0x09, 0x03, 0x89,
+0x14, 0xD2, 0x10, 0xB9, 0x64, 0xC3, 0x2A, 0xD0, 0xA1, 0x96, 0x4A, 0xBC, 0xE1,
+0xD4, 0x1A, 0x5B, 0xC7, 0xA0, 0xC0, 0xC1, 0x63, 0x78, 0x0F, 0x44, 0x37, 0x30,
+0x32, 0x96, 0x80, 0x32, 0x23, 0x95, 0xA1, 0x77, 0xBA, 0x13, 0xD2, 0x97, 0x73,
+0xE2, 0x5D, 0x25, 0xC9, 0x6A, 0x0D, 0xC3, 0x39, 0x60, 0xA4, 0xB4, 0xB0, 0x69,
+0x42, 0x42, 0x09, 0xE9, 0xD8, 0x08, 0xBC, 0x33, 0x20, 0xB3, 0x58, 0x22, 0xA7,
+0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61, 0x83, 0xC5, 0xD2, 0x96, 0xDF, 0xD9, 0xD0,
+0x4F, 0xAD, 0xD7, 0x02, 0x03, 0x01, 0x00, 0x01};
+
+uint8_t expected_ec_pubprv[] = {
+ 0x30, 0x49, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01,
+ 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x01, 0x03, 0x32, 0x00,
+ 0x04, 0x51, 0x75, 0xBC, 0xDF, 0x30, 0xA3, 0x70, 0xF3, 0x9D, 0x53, 0x93, 0xE6,
+ 0x12, 0x72, 0x88, 0xD8, 0x01, 0x67, 0xB5, 0xF4, 0xB4, 0xB7, 0x76, 0xC6, 0x74,
+ 0xF7, 0xC6, 0xF3, 0x54, 0xB7, 0xD2, 0x24, 0x06, 0x2C, 0x1F, 0x68, 0x54, 0xB5,
+ 0xA7, 0xAF, 0x0F, 0xE5, 0x78, 0xEA, 0xF2, 0x58, 0xF0, 0x27};
+
+uint8_t rsa_256_keypair[] = {
+ 0x30, 0x82, 0x04, 0xA5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC0,
+ 0x95, 0x08, 0xE1, 0x57, 0x41, 0xF2, 0x71, 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27,
+ 0x01, 0x65, 0xC6, 0x45, 0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, 0x2F,
+ 0x4E, 0xD6, 0xF6, 0x1C, 0x88, 0xBC, 0x7C, 0x9F, 0xFB, 0xA8, 0x67, 0x7F, 0xFE,
+ 0x5C, 0x9C, 0x51, 0x75, 0xF7, 0x8A, 0xCA, 0x07, 0xE7, 0x35, 0x2F, 0x8F, 0xE1,
+ 0xBD, 0x7B, 0xC0, 0x2F, 0x7C, 0xAB, 0x64, 0xA8, 0x17, 0xFC, 0xCA, 0x5D, 0x7B,
+ 0xBA, 0xE0, 0x21, 0xE5, 0x72, 0x2E, 0x6F, 0x2E, 0x86, 0xD8, 0x95, 0x73, 0xDA,
+ 0xAC, 0x1B, 0x53, 0xB9, 0x5F, 0x3F, 0xD7, 0x19, 0x0D, 0x25, 0x4F, 0xE1, 0x63,
+ 0x63, 0x51, 0x8B, 0x0B, 0x64, 0x3F, 0xAD, 0x43, 0xB8, 0xA5, 0x1C, 0x5C, 0x34,
+ 0xB3, 0xAE, 0x00, 0xA0, 0x63, 0xC5, 0xF6, 0x7F, 0x0B, 0x59, 0x68, 0x78, 0x73,
+ 0xA6, 0x8C, 0x18, 0xA9, 0x02, 0x6D, 0xAF, 0xC3, 0x19, 0x01, 0x2E, 0xB8, 0x10,
+ 0xE3, 0xC6, 0xCC, 0x40, 0xB4, 0x69, 0xA3, 0x46, 0x33, 0x69, 0x87, 0x6E, 0xC4,
+ 0xBB, 0x17, 0xA6, 0xF3, 0xE8, 0xDD, 0xAD, 0x73, 0xBC, 0x7B, 0x2F, 0x21, 0xB5,
+ 0xFD, 0x66, 0x51, 0x0C, 0xBD, 0x54, 0xB3, 0xE1, 0x6D, 0x5F, 0x1C, 0xBC, 0x23,
+ 0x73, 0xD1, 0x09, 0x03, 0x89, 0x14, 0xD2, 0x10, 0xB9, 0x64, 0xC3, 0x2A, 0xD0,
+ 0xA1, 0x96, 0x4A, 0xBC, 0xE1, 0xD4, 0x1A, 0x5B, 0xC7, 0xA0, 0xC0, 0xC1, 0x63,
+ 0x78, 0x0F, 0x44, 0x37, 0x30, 0x32, 0x96, 0x80, 0x32, 0x23, 0x95, 0xA1, 0x77,
+ 0xBA, 0x13, 0xD2, 0x97, 0x73, 0xE2, 0x5D, 0x25, 0xC9, 0x6A, 0x0D, 0xC3, 0x39,
+ 0x60, 0xA4, 0xB4, 0xB0, 0x69, 0x42, 0x42, 0x09, 0xE9, 0xD8, 0x08, 0xBC, 0x33,
+ 0x20, 0xB3, 0x58, 0x22, 0xA7, 0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61, 0x83, 0xC5,
+ 0xD2, 0x96, 0xDF, 0xD9, 0xD0, 0x4F, 0xAD, 0xD7, 0x02, 0x03, 0x01, 0x00, 0x01,
+ 0x02, 0x82, 0x01, 0x01, 0x00, 0x9A, 0xD0, 0x34, 0x0F, 0x52, 0x62, 0x05, 0x50,
+ 0x01, 0xEF, 0x9F, 0xED, 0x64, 0x6E, 0xC2, 0xC4, 0xDA, 0x1A, 0xF2, 0x84, 0xD7,
+ 0x92, 0x10, 0x48, 0x92, 0xC4, 0xE9, 0x6A, 0xEB, 0x8B, 0x75, 0x6C, 0xC6, 0x79,
+ 0x38, 0xF2, 0xC9, 0x72, 0x4A, 0x86, 0x64, 0x54, 0x95, 0x77, 0xCB, 0xC3, 0x9A,
+ 0x9D, 0xB7, 0xD4, 0x1D, 0xA4, 0x00, 0xC8, 0x9E, 0x4E, 0xE4, 0xDD, 0xC7, 0xBA,
+ 0x67, 0x16, 0xC1, 0x74, 0xBC, 0xA9, 0xD6, 0x94, 0x8F, 0x2B, 0x30, 0x1A, 0xFB,
+ 0xED, 0xDF, 0x21, 0x05, 0x23, 0xD9, 0x4A, 0x39, 0xBD, 0x98, 0x6B, 0x65, 0x9A,
+ 0xB8, 0xDC, 0xC4, 0x7D, 0xEE, 0xA6, 0x43, 0x15, 0x2E, 0x3D, 0xBE, 0x1D, 0x22,
+ 0x60, 0x2A, 0x73, 0x30, 0xD5, 0x3E, 0xD8, 0xA2, 0xAC, 0x86, 0x43, 0x2E, 0xC4,
+ 0xF5, 0x64, 0x5E, 0x3F, 0x89, 0x75, 0x0F, 0x11, 0xD8, 0x51, 0x25, 0x4E, 0x9F,
+ 0xD8, 0xAA, 0xA3, 0xCE, 0x60, 0xB3, 0xE2, 0x8A, 0xD9, 0x7E, 0x1B, 0xF0, 0x64,
+ 0xCA, 0x9A, 0x5B, 0x05, 0x0B, 0x5B, 0xAA, 0xCB, 0xE5, 0xE3, 0x3F, 0x6E, 0x32,
+ 0x22, 0x05, 0xF3, 0xD0, 0xFA, 0xEF, 0x74, 0x52, 0x81, 0xE2, 0x5F, 0x74, 0xD3,
+ 0xBD, 0xFF, 0x31, 0x83, 0x45, 0x75, 0xFA, 0x63, 0x7A, 0x97, 0x2E, 0xD6, 0xB6,
+ 0x19, 0xC6, 0x92, 0x26, 0xE4, 0x28, 0x06, 0x50, 0x50, 0x0E, 0x78, 0x2E, 0xA9,
+ 0x78, 0x0D, 0x14, 0x97, 0xB4, 0x12, 0xD8, 0x31, 0x40, 0xAB, 0xA1, 0x01, 0x41,
+ 0xC2, 0x30, 0xF8, 0x07, 0x5F, 0x16, 0xE4, 0x61, 0x77, 0xD2, 0x60, 0xF2, 0x9F,
+ 0x8D, 0xE8, 0xF4, 0xBA, 0xEB, 0x63, 0xDE, 0x2A, 0x97, 0x81, 0xEF, 0x4C, 0x6C,
+ 0xE6, 0x55, 0x34, 0x51, 0x2B, 0x28, 0x34, 0xF4, 0x53, 0x1C, 0xC4, 0x58, 0x0A,
+ 0x3F, 0xBB, 0xAF, 0xB5, 0xF7, 0x4A, 0x85, 0x43, 0x2D, 0x3C, 0xF1, 0x58, 0x58,
+ 0x81, 0x02, 0x81, 0x81, 0x00, 0xF2, 0x2C, 0x54, 0x76, 0x39, 0x23, 0x63, 0xC9,
+ 0x10, 0x32, 0xB7, 0x93, 0xAD, 0xAF, 0xBE, 0x19, 0x75, 0x96, 0x81, 0x64, 0xE6,
+ 0xB5, 0xB8, 0x89, 0x42, 0x41, 0xD1, 0x6D, 0xD0, 0x1C, 0x1B, 0xF8, 0x1B, 0xAC,
+ 0x69, 0xCB, 0x36, 0x3C, 0x64, 0x7D, 0xDC, 0xF4, 0x19, 0xB8, 0xC3, 0x60, 0xB1,
+ 0x57, 0x48, 0x5F, 0x52, 0x4F, 0x59, 0x3A, 0x55, 0x7F, 0x32, 0xC0, 0x19, 0x43,
+ 0x50, 0x3F, 0xAE, 0xCE, 0x6F, 0x17, 0xF3, 0x0E, 0x9F, 0x40, 0xCA, 0x4E, 0xAD,
+ 0x15, 0x3B, 0xC9, 0x79, 0xE9, 0xC0, 0x59, 0x38, 0x73, 0x70, 0x9C, 0x0A, 0x7C,
+ 0xC9, 0x3A, 0x48, 0x32, 0xA7, 0xD8, 0x49, 0x75, 0x0A, 0x85, 0xC2, 0xC2, 0xFD,
+ 0x15, 0x73, 0xDA, 0x99, 0x09, 0x2A, 0x69, 0x9A, 0x9F, 0x0A, 0x71, 0xBF, 0xB0,
+ 0x04, 0xA6, 0x8C, 0x7A, 0x5A, 0x6F, 0x48, 0x5A, 0x54, 0x3B, 0xC6, 0xB1, 0x53,
+ 0x17, 0xDF, 0xE7, 0x02, 0x81, 0x81, 0x00, 0xCB, 0x93, 0xDE, 0x77, 0x15, 0x5D,
+ 0xB7, 0x5C, 0x5C, 0x7C, 0xD8, 0x90, 0xA9, 0x98, 0x2D, 0xD6, 0x69, 0x0E, 0x63,
+ 0xB3, 0xA3, 0xDC, 0xA6, 0xCC, 0x8B, 0x6A, 0xA4, 0xA2, 0x12, 0x8C, 0x8E, 0x7B,
+ 0x48, 0x2C, 0xB2, 0x4B, 0x37, 0xDC, 0x06, 0x18, 0x7D, 0xEA, 0xFE, 0x76, 0xA1,
+ 0xD4, 0xA1, 0xE9, 0x3F, 0x0D, 0xCD, 0x1B, 0x5F, 0xAF, 0x5F, 0x9E, 0x96, 0x5B,
+ 0x5B, 0x0F, 0xA1, 0x7C, 0xAF, 0xB3, 0x9B, 0x90, 0xDB, 0x57, 0x73, 0x3A, 0xED,
+ 0xB0, 0x23, 0x44, 0xAE, 0x41, 0x4F, 0x1F, 0x07, 0x42, 0x13, 0x23, 0x4C, 0xCB,
+ 0xFA, 0xF4, 0x14, 0xA4, 0xD5, 0xF7, 0x9E, 0x36, 0x7C, 0x5B, 0x9F, 0xA8, 0x3C,
+ 0xC1, 0x85, 0x5F, 0x74, 0xD2, 0x39, 0x2D, 0xFF, 0xD0, 0x84, 0xDF, 0xFB, 0xB3,
+ 0x20, 0x7A, 0x2E, 0x9B, 0x17, 0xAE, 0xE6, 0xBA, 0x0B, 0xAE, 0x5F, 0x53, 0xA4,
+ 0x52, 0xED, 0x1B, 0xC4, 0x91, 0x02, 0x81, 0x81, 0x00, 0xEC, 0x98, 0xDA, 0xBB,
+ 0xD5, 0xFE, 0xF9, 0x52, 0x4A, 0x7D, 0x02, 0x55, 0x49, 0x6F, 0x55, 0x6E, 0x52,
+ 0x2F, 0x84, 0xA3, 0x2B, 0xB3, 0x86, 0x62, 0xB3, 0x54, 0xD2, 0x63, 0x52, 0xDA,
+ 0xE3, 0x88, 0x76, 0xA0, 0xEF, 0x8B, 0x15, 0xA5, 0xD3, 0x18, 0x14, 0x72, 0x77,
+ 0x5E, 0xC7, 0xA3, 0x04, 0x1F, 0x9E, 0x19, 0x62, 0xB5, 0x1B, 0x1B, 0x9E, 0xC3,
+ 0xF2, 0xB5, 0x32, 0xF9, 0x4C, 0xC1, 0xAA, 0xEB, 0x0C, 0x26, 0x7D, 0xD4, 0x5F,
+ 0x4A, 0x51, 0x5C, 0xA4, 0x45, 0x06, 0x70, 0x44, 0xA7, 0x56, 0xC0, 0xD4, 0x22,
+ 0x14, 0x76, 0x9E, 0xD8, 0x63, 0x50, 0x89, 0x90, 0xD3, 0xE2, 0xBF, 0x81, 0x95,
+ 0x92, 0x31, 0x41, 0x87, 0x39, 0x1A, 0x43, 0x0B, 0x18, 0xA5, 0x53, 0x1F, 0x39,
+ 0x1A, 0x5F, 0x1F, 0x43, 0xBC, 0x87, 0x6A, 0xDF, 0x6E, 0xD3, 0x22, 0x00, 0xFE,
+ 0x22, 0x98, 0x70, 0x4E, 0x1A, 0x19, 0x29, 0x02, 0x81, 0x81, 0x00, 0x8A, 0x41,
+ 0x56, 0x28, 0x51, 0x9E, 0x5F, 0xD4, 0x9E, 0x0B, 0x3B, 0x98, 0xA3, 0x54, 0xF2,
+ 0x6C, 0x56, 0xD4, 0xAA, 0xE9, 0x69, 0x33, 0x85, 0x24, 0x0C, 0xDA, 0xD4, 0x0C,
+ 0x2D, 0xC4, 0xBF, 0x4F, 0x02, 0x69, 0x38, 0x7C, 0xD4, 0xE6, 0xDC, 0x4C, 0xED,
+ 0xD7, 0x16, 0x11, 0xC3, 0x3E, 0x00, 0xE7, 0xC3, 0x26, 0xC0, 0x51, 0x02, 0xDE,
+ 0xBB, 0x75, 0x9C, 0x6F, 0x56, 0x9C, 0x7A, 0xF3, 0x8E, 0xEF, 0xCF, 0x8A, 0xC5,
+ 0x2B, 0xD2, 0xDA, 0x06, 0x6A, 0x44, 0xC9, 0x73, 0xFE, 0x6E, 0x99, 0x87, 0xF8,
+ 0x5B, 0xBE, 0xF1, 0x7C, 0xE6, 0x65, 0xB5, 0x4F, 0x6C, 0xF0, 0xC9, 0xC5, 0xFF,
+ 0x16, 0xCA, 0x8B, 0x1B, 0x17, 0xE2, 0x58, 0x3D, 0xA2, 0x37, 0xAB, 0x01, 0xBC,
+ 0xBF, 0x40, 0xCE, 0x53, 0x8C, 0x8E, 0xED, 0xEF, 0xEE, 0x59, 0x9D, 0xE0, 0x63,
+ 0xE6, 0x7C, 0x5E, 0xF5, 0x8E, 0x4B, 0xF1, 0x3B, 0xC1, 0x02, 0x81, 0x80, 0x4D,
+ 0x45, 0xF9, 0x40, 0x8C, 0xC5, 0x5B, 0xF4, 0x2A, 0x1A, 0x8A, 0xB4, 0xF2, 0x1C,
+ 0xAC, 0x6B, 0xE9, 0x0C, 0x56, 0x36, 0xB7, 0x4E, 0x72, 0x96, 0xD5, 0xE5, 0x8A,
+ 0xD2, 0xE2, 0xFF, 0xF1, 0xF1, 0x18, 0x13, 0x3D, 0x86, 0x09, 0xB8, 0xD8, 0x76,
+ 0xA7, 0xC9, 0x1C, 0x71, 0x52, 0x94, 0x30, 0x43, 0xE0, 0xF1, 0x78, 0x74, 0xFD,
+ 0x61, 0x1B, 0x4C, 0x09, 0xCC, 0xE6, 0x68, 0x2A, 0x71, 0xAD, 0x1C, 0xDF, 0x43,
+ 0xBC, 0x56, 0xDB, 0xA5, 0xA4, 0xBE, 0x35, 0x70, 0xA4, 0x5E, 0xCF, 0x4F, 0xFC,
+ 0x00, 0x55, 0x99, 0x3A, 0x3D, 0x23, 0xCF, 0x67, 0x5A, 0xF5, 0x22, 0xF8, 0xB5,
+ 0x29, 0xD0, 0x44, 0x11, 0xEB, 0x35, 0x2E, 0x46, 0xBE, 0xFD, 0x8E, 0x18, 0xB2,
+ 0x5F, 0xA8, 0xBF, 0x19, 0x32, 0xA1, 0xF5, 0xDC, 0x03, 0xE6, 0x7C, 0x9A, 0x1F,
+ 0x0C, 0x7C, 0xA9, 0xB0, 0x0E, 0x21, 0x37, 0x3B, 0xF1, 0xB0};
+
+uint8_t rsa_256_keydata[] = {
+ 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
+ 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A,
+ 0x02, 0x82, 0x01, 0x01, 0x00, 0xDB, 0x1C, 0x7F, 0x2E, 0x0B, 0xCD, 0xBF, 0xCE, 0xD1,
+ 0x75, 0x10, 0xA0, 0xA2, 0xB8, 0xCE, 0x7D, 0xAA, 0xE2, 0x05, 0xE0, 0x7A, 0xD8, 0x44,
+ 0x63, 0x8F, 0xB5, 0xBD, 0xC0, 0xB0, 0x19, 0xB9, 0x37, 0xB8, 0x19, 0x4A, 0x0E, 0xF1,
+ 0x5D, 0x74, 0x80, 0x67, 0x46, 0x87, 0x06, 0xDE, 0x5B, 0x7F, 0x06, 0x03, 0xBD, 0xC1,
+ 0x8D, 0x5E, 0x07, 0x15, 0xD4, 0x5B, 0xF4, 0xDC, 0xE5, 0xCF, 0x3D, 0xF9, 0xC1, 0x11,
+ 0x2C, 0xAE, 0x6A, 0xB9, 0x8A, 0xBD, 0x1D, 0x67, 0x66, 0x17, 0xEA, 0x4E, 0xBD, 0xDB,
+ 0x15, 0x9A, 0x82, 0x87, 0xE4, 0xF0, 0x78, 0xC3, 0xA3, 0x85, 0x87, 0xB0, 0xFD, 0x9F,
+ 0xA9, 0x99, 0x5F, 0xE3, 0x33, 0xEC, 0xCC, 0xEA, 0x0B, 0xB5, 0x61, 0x5E, 0xF1, 0x49,
+ 0x7E, 0x3F, 0xA3, 0x2D, 0xEA, 0x01, 0x0C, 0xCC, 0x42, 0x9A, 0x76, 0x9B, 0xC4, 0xD0,
+ 0x37, 0xD3, 0xB1, 0x17, 0x01, 0x61, 0x01, 0x16, 0x59, 0x7E, 0x1C, 0x17, 0xC3, 0x53,
+ 0xFD, 0xD1, 0x72, 0xCB, 0x4C, 0x60, 0x15, 0xDA, 0x7D, 0xE2, 0xEA, 0xAD, 0x50, 0xEF,
+ 0x8E, 0xE2, 0x8B, 0xD4, 0x6A, 0x77, 0x55, 0xD6, 0x70, 0xD9, 0x6B, 0xBB, 0xF1, 0xEE,
+ 0x39, 0x04, 0x38, 0xA3, 0xBD, 0xE2, 0xD1, 0xE0, 0x66, 0x6B, 0xE2, 0x9C, 0x47, 0x99,
+ 0xE9, 0x28, 0xE6, 0xB6, 0xFC, 0x2E, 0xCA, 0x67, 0x43, 0x84, 0xE8, 0xD5, 0x83, 0xD6,
+ 0x9D, 0x98, 0x6B, 0x01, 0x3E, 0x81, 0xDC, 0x3C, 0x7A, 0xCA, 0xF9, 0xF3, 0x9C, 0xF7,
+ 0xD6, 0x28, 0x1B, 0x27, 0x78, 0x7C, 0xC3, 0xD0, 0xD5, 0x63, 0xA7, 0x81, 0x34, 0x89,
+ 0xAD, 0x25, 0x6A, 0xBD, 0xF2, 0xEA, 0xED, 0xFA, 0x57, 0xFC, 0xE5, 0x34, 0xC6, 0xC1,
+ 0x0F, 0x71, 0x2D, 0xD2, 0x08, 0x10, 0x1B, 0xAD, 0x44, 0x41, 0xE0, 0xFE, 0x79, 0xA0,
+ 0x63, 0x93, 0x8A, 0xB1, 0x5D, 0xE9, 0xB0, 0xEE, 0x6F, 0x02, 0x03, 0x01, 0x00, 0x01};
+
+uint8_t ec_keydata[] = {
+ 0x30, 0x49, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06,
+ 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x01, 0x03, 0x32, 0x00, 0x04, 0xBC,
+ 0x79, 0x7D, 0xB3, 0xAE, 0x7F, 0x08, 0xEC, 0x3D, 0x49, 0x6B, 0x4F, 0xB4, 0x11, 0xB3,
+ 0xF6, 0x20, 0xA5, 0x58, 0xA5, 0x01, 0xE0, 0x22, 0x2D, 0x08, 0xCF, 0xE0, 0xDC, 0x8A,
+ 0xEC, 0x8B, 0x1A, 0x7B, 0xF2, 0x4B, 0xE9, 0x29, 0x51, 0xCC, 0x5B, 0xA1, 0xBE, 0xBB,
+ 0x24, 0x74, 0x90, 0x9A, 0xE0};
+
+uint8_t ec_keypair[] = {
+ 0x30, 0x5F, 0x02, 0x01, 0x01, 0x04, 0x18, 0x33, 0x8E, 0x86, 0xA8, 0x81, 0xE2, 0x38,
+ 0xF5, 0x49, 0xBD, 0x6F, 0x05, 0x53, 0x49, 0x4B, 0x73, 0xE3, 0xD6, 0x11, 0x30, 0xFD,
+ 0xC6, 0xC9, 0x6D, 0xA0, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01,
+ 0x01, 0xA1, 0x34, 0x03, 0x32, 0x00, 0x04, 0x51, 0x75, 0xBC, 0xDF, 0x30, 0xA3, 0x70,
+ 0xF3, 0x9D, 0x53, 0x93, 0xE6, 0x12, 0x72, 0x88, 0xD8, 0x01, 0x67, 0xB5, 0xF4, 0xB4,
+ 0xB7, 0x76, 0xC6, 0x74, 0xF7, 0xC6, 0xF3, 0x54, 0xB7, 0xD2, 0x24, 0x06, 0x2C, 0x1F,
+ 0x68, 0x54, 0xB5, 0xA7, 0xAF, 0x0F, 0xE5, 0x78, 0xEA, 0xF2, 0x58, 0xF0, 0x27};
+
+test_data check1[] = {
+{"Test psa_export_public_key 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_export_public_key 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
+{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
+ 0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9},
+ AES_24B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_export_public_key 32 Byte AES\n", 3, PSA_KEY_TYPE_AES,
+{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
+ 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
+ 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
+ AES_32B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(AES_32B_KEY_SIZE), AES_32B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_export_public_key 2048 RSA public key\n", 4, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+ {0},
+ 294, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ 2048, 294, PSA_SUCCESS
+},
+
+{"Test psa_export_public_key with RSA 2048 keypair\n", 5, PSA_KEY_TYPE_RSA_KEYPAIR,
+ {0},
+ 1193, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ 2048, 294, PSA_SUCCESS
+},
+
+{"Test psa_export_public_key with DES 64 bit key\n", 6, PSA_KEY_TYPE_DES,
+ {0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
+ DES_8B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(DES_8B_KEY_SIZE), DES_8B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_export_public_key with Triple DES 2-Key\n", 7, PSA_KEY_TYPE_DES,
+{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+ DES3_2KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(DES3_2KEY_SIZE), DES3_2KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_export_public_key with Triple DES 3-Key\n", 8, PSA_KEY_TYPE_DES,
+{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
+ 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
+ DES3_3KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(DES3_3KEY_SIZE), DES3_3KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_export_public_key with EC Public key\n", 9,
+ PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | PSA_ECC_CURVE_SECP192R1,
+ {0},
+ 75, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ 192, 75, PSA_SUCCESS
+},
+
+{"Test psa_export_public_key with EC keypair\n", 10,
+ PSA_KEY_TYPE_ECC_KEYPAIR_BASE | PSA_ECC_CURVE_SECP192R1,
+ {0},
+ 97, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ 192, 75, PSA_SUCCESS
+},
+
+{"Test psa_export_public_key with invalid key usage policy\n", 11,
+ PSA_KEY_TYPE_ECC_KEYPAIR_BASE | PSA_ECC_CURVE_SECP192R1,
+ {0},
+ 97, PSA_KEY_USAGE_VERIFY, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ 192, 75, PSA_SUCCESS
+},
+
+};
+
+
+test_data check2[] = {
+{"Test psa_export_public_key with invalid keyslot\n", INVALID_KEY_SLOT, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+{0},
+AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_export_public_key with zero key slot\n", ZERO_KEY_SLOT, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+{0},
+294, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+2048, 294, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_export_public_key with less buffer size\n", 4, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+{0},
+200, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+2048, 294, PSA_ERROR_BUFFER_TOO_SMALL
+},
+
+{"Test psa_export_public_key with empty key slot\n", EMPTY_KEY_SLOT, PSA_KEY_TYPE_AES,
+{0},
+AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_EMPTY_SLOT
+},
+
+};
diff --git a/psa-ff/test_suites/crypto/test_c004/test_entry.c b/psa-ff/test_suites/crypto/test_c004/test_entry.c
new file mode 100644
index 0000000..562aa43
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c004/test_entry.c
@@ -0,0 +1,69 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c004.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 4)
+#define TEST_DESC "Testing crypto key management APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t i, status = VAL_STATUS_SUCCESS;
+ bool_t destroy_status = TRUE;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c004_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->print(PRINT_DEBUG, "\tPSA destroy all the key slot\n", 0);
+ for (i = 1; i <= MAX_KEY_SLOT; i++)
+ {
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, i);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA destroy key failed for slot number: %d\n", i);
+ destroy_status = FALSE;
+ }
+ }
+
+ if (destroy_status)
+ {
+ val->print(PRINT_DEBUG, "\tPSA all the key slot successfully destroyed\n", 0);
+ }
+
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/crypto/test_c005/source.mk b/psa-ff/test_suites/crypto/test_c005/source.mk
new file mode 100644
index 0000000..0aa393b
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c005/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c005.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/crypto/test_c005/test_c005.c b/psa-ff/test_suites/crypto/test_c005/test_c005.c
new file mode 100644
index 0000000..83f01af
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c005/test_c005.c
@@ -0,0 +1,199 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_c005.h"
+#include "test_data.h"
+
+client_test_t test_c005_crypto_list[] = {
+ NULL,
+ psa_destroy_key_test,
+ psa_destroy_invalid_key_test,
+ NULL,
+};
+
+int g_test_count;
+
+int32_t psa_destroy_key_test(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ uint32_t i;
+ uint8_t *key_data;
+ psa_key_policy_t policy;
+ psa_key_type_t key_type;
+ size_t bits;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+
+ g_test_count = 1;
+
+ /* Initialize the PSA crypto library*/
+ if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_INIT_FAILED;
+ }
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Set the key data buffer to the input base on algorithm */
+ for (i = 0; i < num_checks; i++)
+ {
+ if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
+ {
+ if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keypair;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keypair;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ else
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keydata;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keydata;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ }
+ else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
+ {
+ if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
+ key_data = ec_keypair;
+ else
+ key_data = ec_keydata;
+ }
+ else
+ key_data = check1[i].key_data;
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_slot, &policy);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA set key policy failed\n", 0);
+ return status;
+ }
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_slot, check1[i].key_type,
+ key_data, check1[i].key_length);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA import key failed\n", 0);
+ return status;
+ }
+
+ /* Get basic metadata about a key */
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check1[i].key_slot,
+ &key_type, &bits);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA get key information failed\n", 0);
+ return status;
+ }
+
+ if (key_type != check1[i].key_type)
+ {
+ val->print(PRINT_ERROR, "\tPSA mismatch key type\n", 0);
+ return status;
+ }
+
+ if (bits != check1[i].expected_bit_length)
+ {
+ val->print(PRINT_ERROR, "\tStored key length mismatch\n", 0);
+ return VAL_STATUS_INVALID_SIZE;
+ }
+
+ /* Destroy a key and restore the slot to its default state */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check1[i].key_slot);
+ if (status != check1[i].expected_status)
+ {
+ val->print(PRINT_ERROR, "\tPSA destroy key failed\n", 0);
+ return status;
+ }
+
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check1[i].key_slot,
+ &key_type, &bits);
+ if (status == PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA get key info succeeded but should have failed\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Check that if the key metadata are destroyed */
+ if (key_type == check1[i].key_type)
+ {
+ val->print(PRINT_ERROR, "\tPSA key meta data not destroyed\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ if (check1[i].expected_bit_length == bits)
+ {
+ val->print(PRINT_ERROR, "\tPSA key meta data not destroyed\n", 0);
+ return status;
+ }
+
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_destroy_invalid_key_test(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ int num_checks = sizeof(check2)/sizeof(check2[0]);
+ uint32_t i;
+
+ /* Initialize the PSA crypto library*/
+ if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_INIT_FAILED;
+ }
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check2[i].test_desc, 0);
+
+ /* Destroy a key and restore the slot to its default state */
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, check2[i].key_slot);
+ if (check2[i].expected_status != status)
+ {
+ val->print(PRINT_ERROR, "\tPSA destroy key should have failed but succeeded\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+ }
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/psa-ff/test_suites/crypto/test_c005/test_c005.h b/psa-ff/test_suites/crypto/test_c005/test_c005.h
new file mode 100644
index 0000000..9a18031
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c005/test_c005.h
@@ -0,0 +1,34 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C005_CLIENT_TESTS_H_
+#define _TEST_C005_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+#include "val_crypto.h"
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c005_crypto_list[];
+
+int32_t psa_destroy_key_test(security_t caller);
+int32_t psa_destroy_invalid_key_test(security_t caller);
+#endif /* _TEST_C005_CLIENT_TESTS_H_ */
diff --git a/psa-ff/test_suites/crypto/test_c005/test_data.h b/psa-ff/test_suites/crypto/test_c005/test_data.h
new file mode 100644
index 0000000..37f7e1f
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c005/test_data.h
@@ -0,0 +1,261 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+#define EMPTY_KEY_SLOT 31
+
+typedef struct {
+ char test_desc[75];
+ psa_key_slot_t key_slot;
+ psa_key_type_t key_type;
+ uint8_t key_data[34];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ uint32_t expected_bit_length;
+ uint32_t expected_key_length;
+ psa_status_t expected_status;
+} test_data;
+
+uint8_t rsa_384_keypair[1];
+uint8_t rsa_384_keydata[1];
+uint8_t rsa_256_keypair[] = {
+ 0x30, 0x82, 0x04, 0xA5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC0,
+ 0x95, 0x08, 0xE1, 0x57, 0x41, 0xF2, 0x71, 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27,
+ 0x01, 0x65, 0xC6, 0x45, 0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, 0x2F,
+ 0x4E, 0xD6, 0xF6, 0x1C, 0x88, 0xBC, 0x7C, 0x9F, 0xFB, 0xA8, 0x67, 0x7F, 0xFE,
+ 0x5C, 0x9C, 0x51, 0x75, 0xF7, 0x8A, 0xCA, 0x07, 0xE7, 0x35, 0x2F, 0x8F, 0xE1,
+ 0xBD, 0x7B, 0xC0, 0x2F, 0x7C, 0xAB, 0x64, 0xA8, 0x17, 0xFC, 0xCA, 0x5D, 0x7B,
+ 0xBA, 0xE0, 0x21, 0xE5, 0x72, 0x2E, 0x6F, 0x2E, 0x86, 0xD8, 0x95, 0x73, 0xDA,
+ 0xAC, 0x1B, 0x53, 0xB9, 0x5F, 0x3F, 0xD7, 0x19, 0x0D, 0x25, 0x4F, 0xE1, 0x63,
+ 0x63, 0x51, 0x8B, 0x0B, 0x64, 0x3F, 0xAD, 0x43, 0xB8, 0xA5, 0x1C, 0x5C, 0x34,
+ 0xB3, 0xAE, 0x00, 0xA0, 0x63, 0xC5, 0xF6, 0x7F, 0x0B, 0x59, 0x68, 0x78, 0x73,
+ 0xA6, 0x8C, 0x18, 0xA9, 0x02, 0x6D, 0xAF, 0xC3, 0x19, 0x01, 0x2E, 0xB8, 0x10,
+ 0xE3, 0xC6, 0xCC, 0x40, 0xB4, 0x69, 0xA3, 0x46, 0x33, 0x69, 0x87, 0x6E, 0xC4,
+ 0xBB, 0x17, 0xA6, 0xF3, 0xE8, 0xDD, 0xAD, 0x73, 0xBC, 0x7B, 0x2F, 0x21, 0xB5,
+ 0xFD, 0x66, 0x51, 0x0C, 0xBD, 0x54, 0xB3, 0xE1, 0x6D, 0x5F, 0x1C, 0xBC, 0x23,
+ 0x73, 0xD1, 0x09, 0x03, 0x89, 0x14, 0xD2, 0x10, 0xB9, 0x64, 0xC3, 0x2A, 0xD0,
+ 0xA1, 0x96, 0x4A, 0xBC, 0xE1, 0xD4, 0x1A, 0x5B, 0xC7, 0xA0, 0xC0, 0xC1, 0x63,
+ 0x78, 0x0F, 0x44, 0x37, 0x30, 0x32, 0x96, 0x80, 0x32, 0x23, 0x95, 0xA1, 0x77,
+ 0xBA, 0x13, 0xD2, 0x97, 0x73, 0xE2, 0x5D, 0x25, 0xC9, 0x6A, 0x0D, 0xC3, 0x39,
+ 0x60, 0xA4, 0xB4, 0xB0, 0x69, 0x42, 0x42, 0x09, 0xE9, 0xD8, 0x08, 0xBC, 0x33,
+ 0x20, 0xB3, 0x58, 0x22, 0xA7, 0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61, 0x83, 0xC5,
+ 0xD2, 0x96, 0xDF, 0xD9, 0xD0, 0x4F, 0xAD, 0xD7, 0x02, 0x03, 0x01, 0x00, 0x01,
+ 0x02, 0x82, 0x01, 0x01, 0x00, 0x9A, 0xD0, 0x34, 0x0F, 0x52, 0x62, 0x05, 0x50,
+ 0x01, 0xEF, 0x9F, 0xED, 0x64, 0x6E, 0xC2, 0xC4, 0xDA, 0x1A, 0xF2, 0x84, 0xD7,
+ 0x92, 0x10, 0x48, 0x92, 0xC4, 0xE9, 0x6A, 0xEB, 0x8B, 0x75, 0x6C, 0xC6, 0x79,
+ 0x38, 0xF2, 0xC9, 0x72, 0x4A, 0x86, 0x64, 0x54, 0x95, 0x77, 0xCB, 0xC3, 0x9A,
+ 0x9D, 0xB7, 0xD4, 0x1D, 0xA4, 0x00, 0xC8, 0x9E, 0x4E, 0xE4, 0xDD, 0xC7, 0xBA,
+ 0x67, 0x16, 0xC1, 0x74, 0xBC, 0xA9, 0xD6, 0x94, 0x8F, 0x2B, 0x30, 0x1A, 0xFB,
+ 0xED, 0xDF, 0x21, 0x05, 0x23, 0xD9, 0x4A, 0x39, 0xBD, 0x98, 0x6B, 0x65, 0x9A,
+ 0xB8, 0xDC, 0xC4, 0x7D, 0xEE, 0xA6, 0x43, 0x15, 0x2E, 0x3D, 0xBE, 0x1D, 0x22,
+ 0x60, 0x2A, 0x73, 0x30, 0xD5, 0x3E, 0xD8, 0xA2, 0xAC, 0x86, 0x43, 0x2E, 0xC4,
+ 0xF5, 0x64, 0x5E, 0x3F, 0x89, 0x75, 0x0F, 0x11, 0xD8, 0x51, 0x25, 0x4E, 0x9F,
+ 0xD8, 0xAA, 0xA3, 0xCE, 0x60, 0xB3, 0xE2, 0x8A, 0xD9, 0x7E, 0x1B, 0xF0, 0x64,
+ 0xCA, 0x9A, 0x5B, 0x05, 0x0B, 0x5B, 0xAA, 0xCB, 0xE5, 0xE3, 0x3F, 0x6E, 0x32,
+ 0x22, 0x05, 0xF3, 0xD0, 0xFA, 0xEF, 0x74, 0x52, 0x81, 0xE2, 0x5F, 0x74, 0xD3,
+ 0xBD, 0xFF, 0x31, 0x83, 0x45, 0x75, 0xFA, 0x63, 0x7A, 0x97, 0x2E, 0xD6, 0xB6,
+ 0x19, 0xC6, 0x92, 0x26, 0xE4, 0x28, 0x06, 0x50, 0x50, 0x0E, 0x78, 0x2E, 0xA9,
+ 0x78, 0x0D, 0x14, 0x97, 0xB4, 0x12, 0xD8, 0x31, 0x40, 0xAB, 0xA1, 0x01, 0x41,
+ 0xC2, 0x30, 0xF8, 0x07, 0x5F, 0x16, 0xE4, 0x61, 0x77, 0xD2, 0x60, 0xF2, 0x9F,
+ 0x8D, 0xE8, 0xF4, 0xBA, 0xEB, 0x63, 0xDE, 0x2A, 0x97, 0x81, 0xEF, 0x4C, 0x6C,
+ 0xE6, 0x55, 0x34, 0x51, 0x2B, 0x28, 0x34, 0xF4, 0x53, 0x1C, 0xC4, 0x58, 0x0A,
+ 0x3F, 0xBB, 0xAF, 0xB5, 0xF7, 0x4A, 0x85, 0x43, 0x2D, 0x3C, 0xF1, 0x58, 0x58,
+ 0x81, 0x02, 0x81, 0x81, 0x00, 0xF2, 0x2C, 0x54, 0x76, 0x39, 0x23, 0x63, 0xC9,
+ 0x10, 0x32, 0xB7, 0x93, 0xAD, 0xAF, 0xBE, 0x19, 0x75, 0x96, 0x81, 0x64, 0xE6,
+ 0xB5, 0xB8, 0x89, 0x42, 0x41, 0xD1, 0x6D, 0xD0, 0x1C, 0x1B, 0xF8, 0x1B, 0xAC,
+ 0x69, 0xCB, 0x36, 0x3C, 0x64, 0x7D, 0xDC, 0xF4, 0x19, 0xB8, 0xC3, 0x60, 0xB1,
+ 0x57, 0x48, 0x5F, 0x52, 0x4F, 0x59, 0x3A, 0x55, 0x7F, 0x32, 0xC0, 0x19, 0x43,
+ 0x50, 0x3F, 0xAE, 0xCE, 0x6F, 0x17, 0xF3, 0x0E, 0x9F, 0x40, 0xCA, 0x4E, 0xAD,
+ 0x15, 0x3B, 0xC9, 0x79, 0xE9, 0xC0, 0x59, 0x38, 0x73, 0x70, 0x9C, 0x0A, 0x7C,
+ 0xC9, 0x3A, 0x48, 0x32, 0xA7, 0xD8, 0x49, 0x75, 0x0A, 0x85, 0xC2, 0xC2, 0xFD,
+ 0x15, 0x73, 0xDA, 0x99, 0x09, 0x2A, 0x69, 0x9A, 0x9F, 0x0A, 0x71, 0xBF, 0xB0,
+ 0x04, 0xA6, 0x8C, 0x7A, 0x5A, 0x6F, 0x48, 0x5A, 0x54, 0x3B, 0xC6, 0xB1, 0x53,
+ 0x17, 0xDF, 0xE7, 0x02, 0x81, 0x81, 0x00, 0xCB, 0x93, 0xDE, 0x77, 0x15, 0x5D,
+ 0xB7, 0x5C, 0x5C, 0x7C, 0xD8, 0x90, 0xA9, 0x98, 0x2D, 0xD6, 0x69, 0x0E, 0x63,
+ 0xB3, 0xA3, 0xDC, 0xA6, 0xCC, 0x8B, 0x6A, 0xA4, 0xA2, 0x12, 0x8C, 0x8E, 0x7B,
+ 0x48, 0x2C, 0xB2, 0x4B, 0x37, 0xDC, 0x06, 0x18, 0x7D, 0xEA, 0xFE, 0x76, 0xA1,
+ 0xD4, 0xA1, 0xE9, 0x3F, 0x0D, 0xCD, 0x1B, 0x5F, 0xAF, 0x5F, 0x9E, 0x96, 0x5B,
+ 0x5B, 0x0F, 0xA1, 0x7C, 0xAF, 0xB3, 0x9B, 0x90, 0xDB, 0x57, 0x73, 0x3A, 0xED,
+ 0xB0, 0x23, 0x44, 0xAE, 0x41, 0x4F, 0x1F, 0x07, 0x42, 0x13, 0x23, 0x4C, 0xCB,
+ 0xFA, 0xF4, 0x14, 0xA4, 0xD5, 0xF7, 0x9E, 0x36, 0x7C, 0x5B, 0x9F, 0xA8, 0x3C,
+ 0xC1, 0x85, 0x5F, 0x74, 0xD2, 0x39, 0x2D, 0xFF, 0xD0, 0x84, 0xDF, 0xFB, 0xB3,
+ 0x20, 0x7A, 0x2E, 0x9B, 0x17, 0xAE, 0xE6, 0xBA, 0x0B, 0xAE, 0x5F, 0x53, 0xA4,
+ 0x52, 0xED, 0x1B, 0xC4, 0x91, 0x02, 0x81, 0x81, 0x00, 0xEC, 0x98, 0xDA, 0xBB,
+ 0xD5, 0xFE, 0xF9, 0x52, 0x4A, 0x7D, 0x02, 0x55, 0x49, 0x6F, 0x55, 0x6E, 0x52,
+ 0x2F, 0x84, 0xA3, 0x2B, 0xB3, 0x86, 0x62, 0xB3, 0x54, 0xD2, 0x63, 0x52, 0xDA,
+ 0xE3, 0x88, 0x76, 0xA0, 0xEF, 0x8B, 0x15, 0xA5, 0xD3, 0x18, 0x14, 0x72, 0x77,
+ 0x5E, 0xC7, 0xA3, 0x04, 0x1F, 0x9E, 0x19, 0x62, 0xB5, 0x1B, 0x1B, 0x9E, 0xC3,
+ 0xF2, 0xB5, 0x32, 0xF9, 0x4C, 0xC1, 0xAA, 0xEB, 0x0C, 0x26, 0x7D, 0xD4, 0x5F,
+ 0x4A, 0x51, 0x5C, 0xA4, 0x45, 0x06, 0x70, 0x44, 0xA7, 0x56, 0xC0, 0xD4, 0x22,
+ 0x14, 0x76, 0x9E, 0xD8, 0x63, 0x50, 0x89, 0x90, 0xD3, 0xE2, 0xBF, 0x81, 0x95,
+ 0x92, 0x31, 0x41, 0x87, 0x39, 0x1A, 0x43, 0x0B, 0x18, 0xA5, 0x53, 0x1F, 0x39,
+ 0x1A, 0x5F, 0x1F, 0x43, 0xBC, 0x87, 0x6A, 0xDF, 0x6E, 0xD3, 0x22, 0x00, 0xFE,
+ 0x22, 0x98, 0x70, 0x4E, 0x1A, 0x19, 0x29, 0x02, 0x81, 0x81, 0x00, 0x8A, 0x41,
+ 0x56, 0x28, 0x51, 0x9E, 0x5F, 0xD4, 0x9E, 0x0B, 0x3B, 0x98, 0xA3, 0x54, 0xF2,
+ 0x6C, 0x56, 0xD4, 0xAA, 0xE9, 0x69, 0x33, 0x85, 0x24, 0x0C, 0xDA, 0xD4, 0x0C,
+ 0x2D, 0xC4, 0xBF, 0x4F, 0x02, 0x69, 0x38, 0x7C, 0xD4, 0xE6, 0xDC, 0x4C, 0xED,
+ 0xD7, 0x16, 0x11, 0xC3, 0x3E, 0x00, 0xE7, 0xC3, 0x26, 0xC0, 0x51, 0x02, 0xDE,
+ 0xBB, 0x75, 0x9C, 0x6F, 0x56, 0x9C, 0x7A, 0xF3, 0x8E, 0xEF, 0xCF, 0x8A, 0xC5,
+ 0x2B, 0xD2, 0xDA, 0x06, 0x6A, 0x44, 0xC9, 0x73, 0xFE, 0x6E, 0x99, 0x87, 0xF8,
+ 0x5B, 0xBE, 0xF1, 0x7C, 0xE6, 0x65, 0xB5, 0x4F, 0x6C, 0xF0, 0xC9, 0xC5, 0xFF,
+ 0x16, 0xCA, 0x8B, 0x1B, 0x17, 0xE2, 0x58, 0x3D, 0xA2, 0x37, 0xAB, 0x01, 0xBC,
+ 0xBF, 0x40, 0xCE, 0x53, 0x8C, 0x8E, 0xED, 0xEF, 0xEE, 0x59, 0x9D, 0xE0, 0x63,
+ 0xE6, 0x7C, 0x5E, 0xF5, 0x8E, 0x4B, 0xF1, 0x3B, 0xC1, 0x02, 0x81, 0x80, 0x4D,
+ 0x45, 0xF9, 0x40, 0x8C, 0xC5, 0x5B, 0xF4, 0x2A, 0x1A, 0x8A, 0xB4, 0xF2, 0x1C,
+ 0xAC, 0x6B, 0xE9, 0x0C, 0x56, 0x36, 0xB7, 0x4E, 0x72, 0x96, 0xD5, 0xE5, 0x8A,
+ 0xD2, 0xE2, 0xFF, 0xF1, 0xF1, 0x18, 0x13, 0x3D, 0x86, 0x09, 0xB8, 0xD8, 0x76,
+ 0xA7, 0xC9, 0x1C, 0x71, 0x52, 0x94, 0x30, 0x43, 0xE0, 0xF1, 0x78, 0x74, 0xFD,
+ 0x61, 0x1B, 0x4C, 0x09, 0xCC, 0xE6, 0x68, 0x2A, 0x71, 0xAD, 0x1C, 0xDF, 0x43,
+ 0xBC, 0x56, 0xDB, 0xA5, 0xA4, 0xBE, 0x35, 0x70, 0xA4, 0x5E, 0xCF, 0x4F, 0xFC,
+ 0x00, 0x55, 0x99, 0x3A, 0x3D, 0x23, 0xCF, 0x67, 0x5A, 0xF5, 0x22, 0xF8, 0xB5,
+ 0x29, 0xD0, 0x44, 0x11, 0xEB, 0x35, 0x2E, 0x46, 0xBE, 0xFD, 0x8E, 0x18, 0xB2,
+ 0x5F, 0xA8, 0xBF, 0x19, 0x32, 0xA1, 0xF5, 0xDC, 0x03, 0xE6, 0x7C, 0x9A, 0x1F,
+ 0x0C, 0x7C, 0xA9, 0xB0, 0x0E, 0x21, 0x37, 0x3B, 0xF1, 0xB0};
+
+uint8_t rsa_256_keydata[] = {
+ 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
+ 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A,
+ 0x02, 0x82, 0x01, 0x01, 0x00, 0xDB, 0x1C, 0x7F, 0x2E, 0x0B, 0xCD, 0xBF, 0xCE, 0xD1,
+ 0x75, 0x10, 0xA0, 0xA2, 0xB8, 0xCE, 0x7D, 0xAA, 0xE2, 0x05, 0xE0, 0x7A, 0xD8, 0x44,
+ 0x63, 0x8F, 0xB5, 0xBD, 0xC0, 0xB0, 0x19, 0xB9, 0x37, 0xB8, 0x19, 0x4A, 0x0E, 0xF1,
+ 0x5D, 0x74, 0x80, 0x67, 0x46, 0x87, 0x06, 0xDE, 0x5B, 0x7F, 0x06, 0x03, 0xBD, 0xC1,
+ 0x8D, 0x5E, 0x07, 0x15, 0xD4, 0x5B, 0xF4, 0xDC, 0xE5, 0xCF, 0x3D, 0xF9, 0xC1, 0x11,
+ 0x2C, 0xAE, 0x6A, 0xB9, 0x8A, 0xBD, 0x1D, 0x67, 0x66, 0x17, 0xEA, 0x4E, 0xBD, 0xDB,
+ 0x15, 0x9A, 0x82, 0x87, 0xE4, 0xF0, 0x78, 0xC3, 0xA3, 0x85, 0x87, 0xB0, 0xFD, 0x9F,
+ 0xA9, 0x99, 0x5F, 0xE3, 0x33, 0xEC, 0xCC, 0xEA, 0x0B, 0xB5, 0x61, 0x5E, 0xF1, 0x49,
+ 0x7E, 0x3F, 0xA3, 0x2D, 0xEA, 0x01, 0x0C, 0xCC, 0x42, 0x9A, 0x76, 0x9B, 0xC4, 0xD0,
+ 0x37, 0xD3, 0xB1, 0x17, 0x01, 0x61, 0x01, 0x16, 0x59, 0x7E, 0x1C, 0x17, 0xC3, 0x53,
+ 0xFD, 0xD1, 0x72, 0xCB, 0x4C, 0x60, 0x15, 0xDA, 0x7D, 0xE2, 0xEA, 0xAD, 0x50, 0xEF,
+ 0x8E, 0xE2, 0x8B, 0xD4, 0x6A, 0x77, 0x55, 0xD6, 0x70, 0xD9, 0x6B, 0xBB, 0xF1, 0xEE,
+ 0x39, 0x04, 0x38, 0xA3, 0xBD, 0xE2, 0xD1, 0xE0, 0x66, 0x6B, 0xE2, 0x9C, 0x47, 0x99,
+ 0xE9, 0x28, 0xE6, 0xB6, 0xFC, 0x2E, 0xCA, 0x67, 0x43, 0x84, 0xE8, 0xD5, 0x83, 0xD6,
+ 0x9D, 0x98, 0x6B, 0x01, 0x3E, 0x81, 0xDC, 0x3C, 0x7A, 0xCA, 0xF9, 0xF3, 0x9C, 0xF7,
+ 0xD6, 0x28, 0x1B, 0x27, 0x78, 0x7C, 0xC3, 0xD0, 0xD5, 0x63, 0xA7, 0x81, 0x34, 0x89,
+ 0xAD, 0x25, 0x6A, 0xBD, 0xF2, 0xEA, 0xED, 0xFA, 0x57, 0xFC, 0xE5, 0x34, 0xC6, 0xC1,
+ 0x0F, 0x71, 0x2D, 0xD2, 0x08, 0x10, 0x1B, 0xAD, 0x44, 0x41, 0xE0, 0xFE, 0x79, 0xA0,
+ 0x63, 0x93, 0x8A, 0xB1, 0x5D, 0xE9, 0xB0, 0xEE, 0x6F, 0x02, 0x03, 0x01, 0x00, 0x01};
+
+uint8_t ec_keydata[] = {
+ 0x30, 0x49, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06,
+ 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x01, 0x03, 0x32, 0x00, 0x04, 0xBC,
+ 0x79, 0x7D, 0xB3, 0xAE, 0x7F, 0x08, 0xEC, 0x3D, 0x49, 0x6B, 0x4F, 0xB4, 0x11, 0xB3,
+ 0xF6, 0x20, 0xA5, 0x58, 0xA5, 0x01, 0xE0, 0x22, 0x2D, 0x08, 0xCF, 0xE0, 0xDC, 0x8A,
+ 0xEC, 0x8B, 0x1A, 0x7B, 0xF2, 0x4B, 0xE9, 0x29, 0x51, 0xCC, 0x5B, 0xA1, 0xBE, 0xBB,
+ 0x24, 0x74, 0x90, 0x9A, 0xE0};
+
+uint8_t ec_keypair[] = {
+ 0x30, 0x5F, 0x02, 0x01, 0x01, 0x04, 0x18, 0x33, 0x8E, 0x86, 0xA8, 0x81, 0xE2, 0x38,
+ 0xF5, 0x49, 0xBD, 0x6F, 0x05, 0x53, 0x49, 0x4B, 0x73, 0xE3, 0xD6, 0x11, 0x30, 0xFD,
+ 0xC6, 0xC9, 0x6D, 0xA0, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01,
+ 0x01, 0xA1, 0x34, 0x03, 0x32, 0x00, 0x04, 0x51, 0x75, 0xBC, 0xDF, 0x30, 0xA3, 0x70,
+ 0xF3, 0x9D, 0x53, 0x93, 0xE6, 0x12, 0x72, 0x88, 0xD8, 0x01, 0x67, 0xB5, 0xF4, 0xB4,
+ 0xB7, 0x76, 0xC6, 0x74, 0xF7, 0xC6, 0xF3, 0x54, 0xB7, 0xD2, 0x24, 0x06, 0x2C, 0x1F,
+ 0x68, 0x54, 0xB5, 0xA7, 0xAF, 0x0F, 0xE5, 0x78, 0xEA, 0xF2, 0x58, 0xF0, 0x27};
+
+test_data check1[] = {
+{"Test psa_destroy_key 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_destroy_key 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
+{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
+ 0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9},
+ AES_24B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_destroy_key 32 Byte AES\n", 3, PSA_KEY_TYPE_AES,
+{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
+ 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
+ 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
+ AES_32B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(AES_32B_KEY_SIZE), AES_32B_KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_destroy_key 2048 RSA public key\n", 4, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+ {0},
+ 294, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ 2048, 294, PSA_SUCCESS
+},
+
+{"Test psa_destroy_key with RSA 2048 keypair\n", 5, PSA_KEY_TYPE_RSA_KEYPAIR,
+ {0},
+ 1193, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ 2048, 1193, PSA_SUCCESS
+},
+
+{"Test psa_destroy_key with DES 64 bit key\n", 6, PSA_KEY_TYPE_DES,
+ {0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
+ DES_8B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(DES_8B_KEY_SIZE), DES_8B_KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_destroy_key with Triple DES 2-Key\n", 7, PSA_KEY_TYPE_DES,
+{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+ DES3_2KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(DES3_2KEY_SIZE), DES3_2KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_destroy_key with Triple DES 3-Key\n", 8, PSA_KEY_TYPE_DES,
+{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
+ 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
+ DES3_3KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(DES3_3KEY_SIZE), DES3_3KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_destroy_key with EC Public key\n", 9,
+ PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | PSA_ECC_CURVE_SECP192R1,
+ {0},
+ 75, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ 192, 75, PSA_SUCCESS
+},
+
+{"Test psa_destroy_key with EC keypair\n", 10,
+ PSA_KEY_TYPE_ECC_KEYPAIR_BASE | PSA_ECC_CURVE_SECP192R1,
+ {0},
+ 97, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ 192, 97, PSA_SUCCESS
+},
+};
+
+
+test_data check2[] = {
+{"Test psa_destroy_key with invalid key slot\n", INVALID_KEY_SLOT, PSA_KEY_TYPE_AES,
+{0},
+AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_destroy_key with zero key slot\n", ZERO_KEY_SLOT, PSA_KEY_TYPE_AES,
+{0},
+AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_destroy_key with empty key slot\n", EMPTY_KEY_SLOT, PSA_KEY_TYPE_AES,
+{0},
+AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
+},
+};
diff --git a/psa-ff/test_suites/crypto/test_c005/test_entry.c b/psa-ff/test_suites/crypto/test_c005/test_entry.c
new file mode 100644
index 0000000..76b6ec9
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c005/test_entry.c
@@ -0,0 +1,69 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c005.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 5)
+#define TEST_DESC "Testing crypto key management APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t i, status = VAL_STATUS_SUCCESS;
+ bool_t destroy_status = TRUE;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c005_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->print(PRINT_DEBUG, "\tPSA destroy all the key slot\n", 0);
+ for (i = 1; i <= MAX_KEY_SLOT; i++)
+ {
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, i);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA destroy key failed for slot number: %d\n", i);
+ destroy_status = FALSE;
+ }
+ }
+
+ if (destroy_status)
+ {
+ val->print(PRINT_DEBUG, "\tPSA all the key slot successfully destroyed\n", 0);
+ }
+
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/crypto/test_c006/source.mk b/psa-ff/test_suites/crypto/test_c006/source.mk
new file mode 100644
index 0000000..e2e1be7
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c006/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c006.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/crypto/test_c006/test_c006.c b/psa-ff/test_suites/crypto/test_c006/test_c006.c
new file mode 100644
index 0000000..bc558a1
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c006/test_c006.c
@@ -0,0 +1,169 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_c006.h"
+#include "test_data.h"
+
+client_test_t test_c006_crypto_list[] = {
+ NULL,
+ psa_get_key_information_test,
+ psa_get_key_information_invalid_test,
+ NULL,
+};
+
+int g_test_count;
+
+int32_t psa_get_key_information_test(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ uint32_t i;
+ uint8_t *key_data;
+ psa_key_policy_t policy;
+ psa_key_type_t key_type;
+ size_t bits;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+
+ g_test_count = 1;
+
+ /* Initialize the PSA crypto library*/
+ if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_INIT_FAILED;
+ }
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Set the key data buffer to the input base on algorithm */
+ for (i = 0; i < num_checks; i++)
+ {
+ if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
+ {
+ if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keypair;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keypair;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ else
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keydata;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keydata;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ }
+ else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
+ {
+ if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
+ key_data = ec_keypair;
+ else
+ key_data = ec_keydata;
+ }
+ else
+ key_data = check1[i].key_data;
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_slot, &policy);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA set key policy failed\n", 0);
+ return status;
+ }
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_slot, check1[i].key_type,
+ key_data, check1[i].key_length);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA import key failed\n", 0);
+ return status;
+ }
+
+ /* Get basic metadata about a key */
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check1[i].key_slot,
+ &key_type, &bits);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA get key information failed\n", 0);
+ return status;
+ }
+
+ if (key_type != check1[i].key_type)
+ {
+ val->print(PRINT_ERROR, "\tPSA mismatch key type\n", 0);
+ return status;
+ }
+
+ if (bits != check1[i].expected_bit_length)
+ {
+ val->print(PRINT_ERROR, "\tStored key length mismatch\n", 0);
+ return VAL_STATUS_INVALID_SIZE;
+ }
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_get_key_information_invalid_test(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ int num_checks = sizeof(check2)/sizeof(check2[0]);
+ uint32_t i;
+
+ /* Initialize the PSA crypto library*/
+ if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_INIT_FAILED;
+ }
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check2[i].test_desc, 0);
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_INFORMATION, check2[i].key_slot,
+ &check2[i].key_type, &check2[i].key_length);
+ if (status != check2[i].expected_status)
+ {
+ val->print(PRINT_ERROR, "\tPSA get key info should have failed but succeeded\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ }
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/psa-ff/test_suites/crypto/test_c006/test_c006.h b/psa-ff/test_suites/crypto/test_c006/test_c006.h
new file mode 100644
index 0000000..ba8b2b7
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c006/test_c006.h
@@ -0,0 +1,34 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C006_CLIENT_TESTS_H_
+#define _TEST_C006_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+#include "val_crypto.h"
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c006_crypto_list[];
+
+int32_t psa_get_key_information_test(security_t caller);
+int32_t psa_get_key_information_invalid_test(security_t caller);
+#endif /* _TEST_C006_CLIENT_TESTS_H_ */
diff --git a/psa-ff/test_suites/crypto/test_c006/test_data.h b/psa-ff/test_suites/crypto/test_c006/test_data.h
new file mode 100644
index 0000000..ae1ee8f
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c006/test_data.h
@@ -0,0 +1,262 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+#define EMPTY_KEY_SLOT 31
+
+typedef struct {
+ char test_desc[75];
+ psa_key_slot_t key_slot;
+ psa_key_type_t key_type;
+ uint8_t key_data[34];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ uint32_t expected_bit_length;
+ uint32_t expected_key_length;
+ psa_status_t expected_status;
+} test_data;
+
+uint8_t rsa_384_keypair[1];
+uint8_t rsa_384_keydata[1];
+
+uint8_t rsa_256_keypair[] = {
+ 0x30, 0x82, 0x04, 0xA5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC0,
+ 0x95, 0x08, 0xE1, 0x57, 0x41, 0xF2, 0x71, 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27,
+ 0x01, 0x65, 0xC6, 0x45, 0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, 0x2F,
+ 0x4E, 0xD6, 0xF6, 0x1C, 0x88, 0xBC, 0x7C, 0x9F, 0xFB, 0xA8, 0x67, 0x7F, 0xFE,
+ 0x5C, 0x9C, 0x51, 0x75, 0xF7, 0x8A, 0xCA, 0x07, 0xE7, 0x35, 0x2F, 0x8F, 0xE1,
+ 0xBD, 0x7B, 0xC0, 0x2F, 0x7C, 0xAB, 0x64, 0xA8, 0x17, 0xFC, 0xCA, 0x5D, 0x7B,
+ 0xBA, 0xE0, 0x21, 0xE5, 0x72, 0x2E, 0x6F, 0x2E, 0x86, 0xD8, 0x95, 0x73, 0xDA,
+ 0xAC, 0x1B, 0x53, 0xB9, 0x5F, 0x3F, 0xD7, 0x19, 0x0D, 0x25, 0x4F, 0xE1, 0x63,
+ 0x63, 0x51, 0x8B, 0x0B, 0x64, 0x3F, 0xAD, 0x43, 0xB8, 0xA5, 0x1C, 0x5C, 0x34,
+ 0xB3, 0xAE, 0x00, 0xA0, 0x63, 0xC5, 0xF6, 0x7F, 0x0B, 0x59, 0x68, 0x78, 0x73,
+ 0xA6, 0x8C, 0x18, 0xA9, 0x02, 0x6D, 0xAF, 0xC3, 0x19, 0x01, 0x2E, 0xB8, 0x10,
+ 0xE3, 0xC6, 0xCC, 0x40, 0xB4, 0x69, 0xA3, 0x46, 0x33, 0x69, 0x87, 0x6E, 0xC4,
+ 0xBB, 0x17, 0xA6, 0xF3, 0xE8, 0xDD, 0xAD, 0x73, 0xBC, 0x7B, 0x2F, 0x21, 0xB5,
+ 0xFD, 0x66, 0x51, 0x0C, 0xBD, 0x54, 0xB3, 0xE1, 0x6D, 0x5F, 0x1C, 0xBC, 0x23,
+ 0x73, 0xD1, 0x09, 0x03, 0x89, 0x14, 0xD2, 0x10, 0xB9, 0x64, 0xC3, 0x2A, 0xD0,
+ 0xA1, 0x96, 0x4A, 0xBC, 0xE1, 0xD4, 0x1A, 0x5B, 0xC7, 0xA0, 0xC0, 0xC1, 0x63,
+ 0x78, 0x0F, 0x44, 0x37, 0x30, 0x32, 0x96, 0x80, 0x32, 0x23, 0x95, 0xA1, 0x77,
+ 0xBA, 0x13, 0xD2, 0x97, 0x73, 0xE2, 0x5D, 0x25, 0xC9, 0x6A, 0x0D, 0xC3, 0x39,
+ 0x60, 0xA4, 0xB4, 0xB0, 0x69, 0x42, 0x42, 0x09, 0xE9, 0xD8, 0x08, 0xBC, 0x33,
+ 0x20, 0xB3, 0x58, 0x22, 0xA7, 0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61, 0x83, 0xC5,
+ 0xD2, 0x96, 0xDF, 0xD9, 0xD0, 0x4F, 0xAD, 0xD7, 0x02, 0x03, 0x01, 0x00, 0x01,
+ 0x02, 0x82, 0x01, 0x01, 0x00, 0x9A, 0xD0, 0x34, 0x0F, 0x52, 0x62, 0x05, 0x50,
+ 0x01, 0xEF, 0x9F, 0xED, 0x64, 0x6E, 0xC2, 0xC4, 0xDA, 0x1A, 0xF2, 0x84, 0xD7,
+ 0x92, 0x10, 0x48, 0x92, 0xC4, 0xE9, 0x6A, 0xEB, 0x8B, 0x75, 0x6C, 0xC6, 0x79,
+ 0x38, 0xF2, 0xC9, 0x72, 0x4A, 0x86, 0x64, 0x54, 0x95, 0x77, 0xCB, 0xC3, 0x9A,
+ 0x9D, 0xB7, 0xD4, 0x1D, 0xA4, 0x00, 0xC8, 0x9E, 0x4E, 0xE4, 0xDD, 0xC7, 0xBA,
+ 0x67, 0x16, 0xC1, 0x74, 0xBC, 0xA9, 0xD6, 0x94, 0x8F, 0x2B, 0x30, 0x1A, 0xFB,
+ 0xED, 0xDF, 0x21, 0x05, 0x23, 0xD9, 0x4A, 0x39, 0xBD, 0x98, 0x6B, 0x65, 0x9A,
+ 0xB8, 0xDC, 0xC4, 0x7D, 0xEE, 0xA6, 0x43, 0x15, 0x2E, 0x3D, 0xBE, 0x1D, 0x22,
+ 0x60, 0x2A, 0x73, 0x30, 0xD5, 0x3E, 0xD8, 0xA2, 0xAC, 0x86, 0x43, 0x2E, 0xC4,
+ 0xF5, 0x64, 0x5E, 0x3F, 0x89, 0x75, 0x0F, 0x11, 0xD8, 0x51, 0x25, 0x4E, 0x9F,
+ 0xD8, 0xAA, 0xA3, 0xCE, 0x60, 0xB3, 0xE2, 0x8A, 0xD9, 0x7E, 0x1B, 0xF0, 0x64,
+ 0xCA, 0x9A, 0x5B, 0x05, 0x0B, 0x5B, 0xAA, 0xCB, 0xE5, 0xE3, 0x3F, 0x6E, 0x32,
+ 0x22, 0x05, 0xF3, 0xD0, 0xFA, 0xEF, 0x74, 0x52, 0x81, 0xE2, 0x5F, 0x74, 0xD3,
+ 0xBD, 0xFF, 0x31, 0x83, 0x45, 0x75, 0xFA, 0x63, 0x7A, 0x97, 0x2E, 0xD6, 0xB6,
+ 0x19, 0xC6, 0x92, 0x26, 0xE4, 0x28, 0x06, 0x50, 0x50, 0x0E, 0x78, 0x2E, 0xA9,
+ 0x78, 0x0D, 0x14, 0x97, 0xB4, 0x12, 0xD8, 0x31, 0x40, 0xAB, 0xA1, 0x01, 0x41,
+ 0xC2, 0x30, 0xF8, 0x07, 0x5F, 0x16, 0xE4, 0x61, 0x77, 0xD2, 0x60, 0xF2, 0x9F,
+ 0x8D, 0xE8, 0xF4, 0xBA, 0xEB, 0x63, 0xDE, 0x2A, 0x97, 0x81, 0xEF, 0x4C, 0x6C,
+ 0xE6, 0x55, 0x34, 0x51, 0x2B, 0x28, 0x34, 0xF4, 0x53, 0x1C, 0xC4, 0x58, 0x0A,
+ 0x3F, 0xBB, 0xAF, 0xB5, 0xF7, 0x4A, 0x85, 0x43, 0x2D, 0x3C, 0xF1, 0x58, 0x58,
+ 0x81, 0x02, 0x81, 0x81, 0x00, 0xF2, 0x2C, 0x54, 0x76, 0x39, 0x23, 0x63, 0xC9,
+ 0x10, 0x32, 0xB7, 0x93, 0xAD, 0xAF, 0xBE, 0x19, 0x75, 0x96, 0x81, 0x64, 0xE6,
+ 0xB5, 0xB8, 0x89, 0x42, 0x41, 0xD1, 0x6D, 0xD0, 0x1C, 0x1B, 0xF8, 0x1B, 0xAC,
+ 0x69, 0xCB, 0x36, 0x3C, 0x64, 0x7D, 0xDC, 0xF4, 0x19, 0xB8, 0xC3, 0x60, 0xB1,
+ 0x57, 0x48, 0x5F, 0x52, 0x4F, 0x59, 0x3A, 0x55, 0x7F, 0x32, 0xC0, 0x19, 0x43,
+ 0x50, 0x3F, 0xAE, 0xCE, 0x6F, 0x17, 0xF3, 0x0E, 0x9F, 0x40, 0xCA, 0x4E, 0xAD,
+ 0x15, 0x3B, 0xC9, 0x79, 0xE9, 0xC0, 0x59, 0x38, 0x73, 0x70, 0x9C, 0x0A, 0x7C,
+ 0xC9, 0x3A, 0x48, 0x32, 0xA7, 0xD8, 0x49, 0x75, 0x0A, 0x85, 0xC2, 0xC2, 0xFD,
+ 0x15, 0x73, 0xDA, 0x99, 0x09, 0x2A, 0x69, 0x9A, 0x9F, 0x0A, 0x71, 0xBF, 0xB0,
+ 0x04, 0xA6, 0x8C, 0x7A, 0x5A, 0x6F, 0x48, 0x5A, 0x54, 0x3B, 0xC6, 0xB1, 0x53,
+ 0x17, 0xDF, 0xE7, 0x02, 0x81, 0x81, 0x00, 0xCB, 0x93, 0xDE, 0x77, 0x15, 0x5D,
+ 0xB7, 0x5C, 0x5C, 0x7C, 0xD8, 0x90, 0xA9, 0x98, 0x2D, 0xD6, 0x69, 0x0E, 0x63,
+ 0xB3, 0xA3, 0xDC, 0xA6, 0xCC, 0x8B, 0x6A, 0xA4, 0xA2, 0x12, 0x8C, 0x8E, 0x7B,
+ 0x48, 0x2C, 0xB2, 0x4B, 0x37, 0xDC, 0x06, 0x18, 0x7D, 0xEA, 0xFE, 0x76, 0xA1,
+ 0xD4, 0xA1, 0xE9, 0x3F, 0x0D, 0xCD, 0x1B, 0x5F, 0xAF, 0x5F, 0x9E, 0x96, 0x5B,
+ 0x5B, 0x0F, 0xA1, 0x7C, 0xAF, 0xB3, 0x9B, 0x90, 0xDB, 0x57, 0x73, 0x3A, 0xED,
+ 0xB0, 0x23, 0x44, 0xAE, 0x41, 0x4F, 0x1F, 0x07, 0x42, 0x13, 0x23, 0x4C, 0xCB,
+ 0xFA, 0xF4, 0x14, 0xA4, 0xD5, 0xF7, 0x9E, 0x36, 0x7C, 0x5B, 0x9F, 0xA8, 0x3C,
+ 0xC1, 0x85, 0x5F, 0x74, 0xD2, 0x39, 0x2D, 0xFF, 0xD0, 0x84, 0xDF, 0xFB, 0xB3,
+ 0x20, 0x7A, 0x2E, 0x9B, 0x17, 0xAE, 0xE6, 0xBA, 0x0B, 0xAE, 0x5F, 0x53, 0xA4,
+ 0x52, 0xED, 0x1B, 0xC4, 0x91, 0x02, 0x81, 0x81, 0x00, 0xEC, 0x98, 0xDA, 0xBB,
+ 0xD5, 0xFE, 0xF9, 0x52, 0x4A, 0x7D, 0x02, 0x55, 0x49, 0x6F, 0x55, 0x6E, 0x52,
+ 0x2F, 0x84, 0xA3, 0x2B, 0xB3, 0x86, 0x62, 0xB3, 0x54, 0xD2, 0x63, 0x52, 0xDA,
+ 0xE3, 0x88, 0x76, 0xA0, 0xEF, 0x8B, 0x15, 0xA5, 0xD3, 0x18, 0x14, 0x72, 0x77,
+ 0x5E, 0xC7, 0xA3, 0x04, 0x1F, 0x9E, 0x19, 0x62, 0xB5, 0x1B, 0x1B, 0x9E, 0xC3,
+ 0xF2, 0xB5, 0x32, 0xF9, 0x4C, 0xC1, 0xAA, 0xEB, 0x0C, 0x26, 0x7D, 0xD4, 0x5F,
+ 0x4A, 0x51, 0x5C, 0xA4, 0x45, 0x06, 0x70, 0x44, 0xA7, 0x56, 0xC0, 0xD4, 0x22,
+ 0x14, 0x76, 0x9E, 0xD8, 0x63, 0x50, 0x89, 0x90, 0xD3, 0xE2, 0xBF, 0x81, 0x95,
+ 0x92, 0x31, 0x41, 0x87, 0x39, 0x1A, 0x43, 0x0B, 0x18, 0xA5, 0x53, 0x1F, 0x39,
+ 0x1A, 0x5F, 0x1F, 0x43, 0xBC, 0x87, 0x6A, 0xDF, 0x6E, 0xD3, 0x22, 0x00, 0xFE,
+ 0x22, 0x98, 0x70, 0x4E, 0x1A, 0x19, 0x29, 0x02, 0x81, 0x81, 0x00, 0x8A, 0x41,
+ 0x56, 0x28, 0x51, 0x9E, 0x5F, 0xD4, 0x9E, 0x0B, 0x3B, 0x98, 0xA3, 0x54, 0xF2,
+ 0x6C, 0x56, 0xD4, 0xAA, 0xE9, 0x69, 0x33, 0x85, 0x24, 0x0C, 0xDA, 0xD4, 0x0C,
+ 0x2D, 0xC4, 0xBF, 0x4F, 0x02, 0x69, 0x38, 0x7C, 0xD4, 0xE6, 0xDC, 0x4C, 0xED,
+ 0xD7, 0x16, 0x11, 0xC3, 0x3E, 0x00, 0xE7, 0xC3, 0x26, 0xC0, 0x51, 0x02, 0xDE,
+ 0xBB, 0x75, 0x9C, 0x6F, 0x56, 0x9C, 0x7A, 0xF3, 0x8E, 0xEF, 0xCF, 0x8A, 0xC5,
+ 0x2B, 0xD2, 0xDA, 0x06, 0x6A, 0x44, 0xC9, 0x73, 0xFE, 0x6E, 0x99, 0x87, 0xF8,
+ 0x5B, 0xBE, 0xF1, 0x7C, 0xE6, 0x65, 0xB5, 0x4F, 0x6C, 0xF0, 0xC9, 0xC5, 0xFF,
+ 0x16, 0xCA, 0x8B, 0x1B, 0x17, 0xE2, 0x58, 0x3D, 0xA2, 0x37, 0xAB, 0x01, 0xBC,
+ 0xBF, 0x40, 0xCE, 0x53, 0x8C, 0x8E, 0xED, 0xEF, 0xEE, 0x59, 0x9D, 0xE0, 0x63,
+ 0xE6, 0x7C, 0x5E, 0xF5, 0x8E, 0x4B, 0xF1, 0x3B, 0xC1, 0x02, 0x81, 0x80, 0x4D,
+ 0x45, 0xF9, 0x40, 0x8C, 0xC5, 0x5B, 0xF4, 0x2A, 0x1A, 0x8A, 0xB4, 0xF2, 0x1C,
+ 0xAC, 0x6B, 0xE9, 0x0C, 0x56, 0x36, 0xB7, 0x4E, 0x72, 0x96, 0xD5, 0xE5, 0x8A,
+ 0xD2, 0xE2, 0xFF, 0xF1, 0xF1, 0x18, 0x13, 0x3D, 0x86, 0x09, 0xB8, 0xD8, 0x76,
+ 0xA7, 0xC9, 0x1C, 0x71, 0x52, 0x94, 0x30, 0x43, 0xE0, 0xF1, 0x78, 0x74, 0xFD,
+ 0x61, 0x1B, 0x4C, 0x09, 0xCC, 0xE6, 0x68, 0x2A, 0x71, 0xAD, 0x1C, 0xDF, 0x43,
+ 0xBC, 0x56, 0xDB, 0xA5, 0xA4, 0xBE, 0x35, 0x70, 0xA4, 0x5E, 0xCF, 0x4F, 0xFC,
+ 0x00, 0x55, 0x99, 0x3A, 0x3D, 0x23, 0xCF, 0x67, 0x5A, 0xF5, 0x22, 0xF8, 0xB5,
+ 0x29, 0xD0, 0x44, 0x11, 0xEB, 0x35, 0x2E, 0x46, 0xBE, 0xFD, 0x8E, 0x18, 0xB2,
+ 0x5F, 0xA8, 0xBF, 0x19, 0x32, 0xA1, 0xF5, 0xDC, 0x03, 0xE6, 0x7C, 0x9A, 0x1F,
+ 0x0C, 0x7C, 0xA9, 0xB0, 0x0E, 0x21, 0x37, 0x3B, 0xF1, 0xB0};
+
+uint8_t rsa_256_keydata[] = {
+ 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
+ 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A,
+ 0x02, 0x82, 0x01, 0x01, 0x00, 0xDB, 0x1C, 0x7F, 0x2E, 0x0B, 0xCD, 0xBF, 0xCE, 0xD1,
+ 0x75, 0x10, 0xA0, 0xA2, 0xB8, 0xCE, 0x7D, 0xAA, 0xE2, 0x05, 0xE0, 0x7A, 0xD8, 0x44,
+ 0x63, 0x8F, 0xB5, 0xBD, 0xC0, 0xB0, 0x19, 0xB9, 0x37, 0xB8, 0x19, 0x4A, 0x0E, 0xF1,
+ 0x5D, 0x74, 0x80, 0x67, 0x46, 0x87, 0x06, 0xDE, 0x5B, 0x7F, 0x06, 0x03, 0xBD, 0xC1,
+ 0x8D, 0x5E, 0x07, 0x15, 0xD4, 0x5B, 0xF4, 0xDC, 0xE5, 0xCF, 0x3D, 0xF9, 0xC1, 0x11,
+ 0x2C, 0xAE, 0x6A, 0xB9, 0x8A, 0xBD, 0x1D, 0x67, 0x66, 0x17, 0xEA, 0x4E, 0xBD, 0xDB,
+ 0x15, 0x9A, 0x82, 0x87, 0xE4, 0xF0, 0x78, 0xC3, 0xA3, 0x85, 0x87, 0xB0, 0xFD, 0x9F,
+ 0xA9, 0x99, 0x5F, 0xE3, 0x33, 0xEC, 0xCC, 0xEA, 0x0B, 0xB5, 0x61, 0x5E, 0xF1, 0x49,
+ 0x7E, 0x3F, 0xA3, 0x2D, 0xEA, 0x01, 0x0C, 0xCC, 0x42, 0x9A, 0x76, 0x9B, 0xC4, 0xD0,
+ 0x37, 0xD3, 0xB1, 0x17, 0x01, 0x61, 0x01, 0x16, 0x59, 0x7E, 0x1C, 0x17, 0xC3, 0x53,
+ 0xFD, 0xD1, 0x72, 0xCB, 0x4C, 0x60, 0x15, 0xDA, 0x7D, 0xE2, 0xEA, 0xAD, 0x50, 0xEF,
+ 0x8E, 0xE2, 0x8B, 0xD4, 0x6A, 0x77, 0x55, 0xD6, 0x70, 0xD9, 0x6B, 0xBB, 0xF1, 0xEE,
+ 0x39, 0x04, 0x38, 0xA3, 0xBD, 0xE2, 0xD1, 0xE0, 0x66, 0x6B, 0xE2, 0x9C, 0x47, 0x99,
+ 0xE9, 0x28, 0xE6, 0xB6, 0xFC, 0x2E, 0xCA, 0x67, 0x43, 0x84, 0xE8, 0xD5, 0x83, 0xD6,
+ 0x9D, 0x98, 0x6B, 0x01, 0x3E, 0x81, 0xDC, 0x3C, 0x7A, 0xCA, 0xF9, 0xF3, 0x9C, 0xF7,
+ 0xD6, 0x28, 0x1B, 0x27, 0x78, 0x7C, 0xC3, 0xD0, 0xD5, 0x63, 0xA7, 0x81, 0x34, 0x89,
+ 0xAD, 0x25, 0x6A, 0xBD, 0xF2, 0xEA, 0xED, 0xFA, 0x57, 0xFC, 0xE5, 0x34, 0xC6, 0xC1,
+ 0x0F, 0x71, 0x2D, 0xD2, 0x08, 0x10, 0x1B, 0xAD, 0x44, 0x41, 0xE0, 0xFE, 0x79, 0xA0,
+ 0x63, 0x93, 0x8A, 0xB1, 0x5D, 0xE9, 0xB0, 0xEE, 0x6F, 0x02, 0x03, 0x01, 0x00, 0x01};
+
+uint8_t ec_keydata[] = {
+ 0x30, 0x49, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06,
+ 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x01, 0x03, 0x32, 0x00, 0x04, 0xBC,
+ 0x79, 0x7D, 0xB3, 0xAE, 0x7F, 0x08, 0xEC, 0x3D, 0x49, 0x6B, 0x4F, 0xB4, 0x11, 0xB3,
+ 0xF6, 0x20, 0xA5, 0x58, 0xA5, 0x01, 0xE0, 0x22, 0x2D, 0x08, 0xCF, 0xE0, 0xDC, 0x8A,
+ 0xEC, 0x8B, 0x1A, 0x7B, 0xF2, 0x4B, 0xE9, 0x29, 0x51, 0xCC, 0x5B, 0xA1, 0xBE, 0xBB,
+ 0x24, 0x74, 0x90, 0x9A, 0xE0};
+
+uint8_t ec_keypair[] = {
+ 0x30, 0x5F, 0x02, 0x01, 0x01, 0x04, 0x18, 0x33, 0x8E, 0x86, 0xA8, 0x81, 0xE2, 0x38,
+ 0xF5, 0x49, 0xBD, 0x6F, 0x05, 0x53, 0x49, 0x4B, 0x73, 0xE3, 0xD6, 0x11, 0x30, 0xFD,
+ 0xC6, 0xC9, 0x6D, 0xA0, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01,
+ 0x01, 0xA1, 0x34, 0x03, 0x32, 0x00, 0x04, 0x51, 0x75, 0xBC, 0xDF, 0x30, 0xA3, 0x70,
+ 0xF3, 0x9D, 0x53, 0x93, 0xE6, 0x12, 0x72, 0x88, 0xD8, 0x01, 0x67, 0xB5, 0xF4, 0xB4,
+ 0xB7, 0x76, 0xC6, 0x74, 0xF7, 0xC6, 0xF3, 0x54, 0xB7, 0xD2, 0x24, 0x06, 0x2C, 0x1F,
+ 0x68, 0x54, 0xB5, 0xA7, 0xAF, 0x0F, 0xE5, 0x78, 0xEA, 0xF2, 0x58, 0xF0, 0x27};
+
+test_data check1[] = {
+{"Test psa_get_key_information 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_get_key_information 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
+{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
+ 0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9},
+ AES_24B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_get_key_information 32 Byte AES\n", 3, PSA_KEY_TYPE_AES,
+{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
+ 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
+ 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
+ AES_32B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(AES_32B_KEY_SIZE), AES_32B_KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_get_key_information 2048 RSA public key\n", 4, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+ {0},
+ 294, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ 2048, 294, PSA_SUCCESS
+},
+
+{"Test psa_get_key_information with RSA 2048 keypair\n", 5, PSA_KEY_TYPE_RSA_KEYPAIR,
+ {0},
+ 1193, PSA_KEY_USAGE_EXPORT, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ 2048, 1193, PSA_SUCCESS
+},
+
+{"Test psa_get_key_information with DES 64 bit key\n", 6, PSA_KEY_TYPE_DES,
+ {0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
+ DES_8B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(DES_8B_KEY_SIZE), DES_8B_KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_get_key_information with Triple DES 2-Key\n", 7, PSA_KEY_TYPE_DES,
+{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+ DES3_2KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(DES3_2KEY_SIZE), DES3_2KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_get_key_information with Triple DES 3-Key\n", 8, PSA_KEY_TYPE_DES,
+{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
+ 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
+ DES3_3KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(DES3_3KEY_SIZE), DES3_3KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_get_key_information with EC Public key\n", 9,
+ PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | PSA_ECC_CURVE_SECP192R1,
+ {0},
+ 75, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ 192, 75, PSA_SUCCESS
+},
+
+{"Test psa_get_key_information with EC keypair\n", 10,
+ PSA_KEY_TYPE_ECC_KEYPAIR_BASE | PSA_ECC_CURVE_SECP192R1,
+ {0},
+ 97, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ 192, 97, PSA_SUCCESS
+},
+};
+
+
+test_data check2[] = {
+{"Test psa_get_key_information with invalid key slot\n", INVALID_KEY_SLOT, PSA_KEY_TYPE_AES,
+{0},
+AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_get_key_information with zero key slot\n", ZERO_KEY_SLOT, PSA_KEY_TYPE_AES,
+{0},
+AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_get_key_information with empty key slot\n", EMPTY_KEY_SLOT, PSA_KEY_TYPE_AES,
+{0},
+AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_EMPTY_SLOT
+},
+};
diff --git a/psa-ff/test_suites/crypto/test_c006/test_entry.c b/psa-ff/test_suites/crypto/test_c006/test_entry.c
new file mode 100644
index 0000000..5e254cf
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c006/test_entry.c
@@ -0,0 +1,69 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c006.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 6)
+#define TEST_DESC "Testing crypto key management APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t i, status = VAL_STATUS_SUCCESS;
+ bool_t destroy_status = TRUE;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c006_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->print(PRINT_DEBUG, "\tPSA destroy all the key slot\n", 0);
+ for (i = 1; i <= MAX_KEY_SLOT; i++)
+ {
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, i);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA destroy key failed for slot number: %d\n", i);
+ destroy_status = FALSE;
+ }
+ }
+
+ if (destroy_status)
+ {
+ val->print(PRINT_DEBUG, "\tPSA all the key slot successfully destroyed\n", 0);
+ }
+
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/crypto/test_c007/source.mk b/psa-ff/test_suites/crypto/test_c007/source.mk
new file mode 100644
index 0000000..0144796
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c007/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c007.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/crypto/test_c007/test_c007.c b/psa-ff/test_suites/crypto/test_c007/test_c007.c
new file mode 100644
index 0000000..2e59b1c
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c007/test_c007.c
@@ -0,0 +1,174 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_c007.h"
+#include "test_data.h"
+#include "val_crypto.h"
+
+client_test_t test_c007_crypto_list[] = {
+ NULL,
+ psa_set_key_policy_test,
+ psa_set_key_policy_negative_test,
+ NULL,
+};
+
+int g_test_count;
+
+int32_t psa_set_key_policy_test(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ uint8_t *key_data;
+ psa_key_policy_t policy, expected_policy;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ uint32_t i;
+
+ g_test_count = 1;
+
+ /* Initialize the PSA crypto library*/
+ if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_INIT_FAILED;
+ }
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Set the key data buffer to the input base on algorithm */
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+ if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
+ {
+ if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keypair;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keypair;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ else
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keydata;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keydata;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ }
+ else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
+ {
+ if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
+ key_data = ec_keypair;
+ else
+ key_data = ec_keydata;
+ }
+ else
+ key_data = check1[i].key_data;
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_slot, &policy);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA set key policy failed\n", 0);
+ return status;
+ }
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_slot, check1[i].key_type,
+ key_data, check1[i].key_length);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA import key failed\n", 0);
+ return status;
+ }
+
+ /* Get the usage policy for a key slot */
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_POLICY, check1[i].key_slot,
+ &expected_policy);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA get key policy failed\n", 0);
+ return status;
+ }
+
+ if ((expected_policy.usage != check1[i].usage) ||
+ (expected_policy.alg != check1[i].key_alg))
+ {
+ val->print(PRINT_ERROR, "\tPolicy data Mismatch\n", 0);
+ return VAL_STATUS_DATA_MISMATCH;
+ }
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_set_key_policy_negative_test(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ int num_checks = sizeof(check2)/sizeof(check2[0]);
+ uint32_t i;
+ psa_key_policy_t policy;
+
+ /* Initialize the PSA crypto library*/
+ if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_INIT_FAILED;
+ }
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check2[i].test_desc, 0);
+
+ /* Set the usage policy on a key slot */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check2[i].usage,
+ check2[i].key_alg);
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check2[i].key_slot, &policy);
+ if (status != check2[i].expected_status)
+ {
+ val->print(PRINT_ERROR, "\tPSA set key policy should have failed but succeeded\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/psa-ff/test_suites/crypto/test_c007/test_c007.h b/psa-ff/test_suites/crypto/test_c007/test_c007.h
new file mode 100644
index 0000000..93f5e39
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c007/test_c007.h
@@ -0,0 +1,35 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C007_CLIENT_TESTS_H_
+#define _TEST_C007_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+#include "val_crypto.h"
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c007_crypto_list[];
+
+int32_t psa_set_key_policy_test(security_t caller);
+int32_t psa_set_key_policy_negative_test(security_t caller);
+#endif /* _TEST_C007_CLIENT_TESTS_H_ */
+
diff --git a/psa-ff/test_suites/crypto/test_c007/test_data.h b/psa-ff/test_suites/crypto/test_c007/test_data.h
new file mode 100644
index 0000000..c540109
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c007/test_data.h
@@ -0,0 +1,270 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_slot_t key_slot;
+ psa_key_type_t key_type;
+ uint8_t key_data[34];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ uint32_t expected_bit_length;
+ uint32_t expected_key_length;
+ psa_status_t expected_status;
+} test_data;
+
+uint8_t rsa_384_keypair[1];
+uint8_t rsa_384_keydata[1];
+
+uint8_t rsa_256_keypair[] = {
+ 0x30, 0x82, 0x04, 0xA5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC0,
+ 0x95, 0x08, 0xE1, 0x57, 0x41, 0xF2, 0x71, 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27,
+ 0x01, 0x65, 0xC6, 0x45, 0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, 0x2F,
+ 0x4E, 0xD6, 0xF6, 0x1C, 0x88, 0xBC, 0x7C, 0x9F, 0xFB, 0xA8, 0x67, 0x7F, 0xFE,
+ 0x5C, 0x9C, 0x51, 0x75, 0xF7, 0x8A, 0xCA, 0x07, 0xE7, 0x35, 0x2F, 0x8F, 0xE1,
+ 0xBD, 0x7B, 0xC0, 0x2F, 0x7C, 0xAB, 0x64, 0xA8, 0x17, 0xFC, 0xCA, 0x5D, 0x7B,
+ 0xBA, 0xE0, 0x21, 0xE5, 0x72, 0x2E, 0x6F, 0x2E, 0x86, 0xD8, 0x95, 0x73, 0xDA,
+ 0xAC, 0x1B, 0x53, 0xB9, 0x5F, 0x3F, 0xD7, 0x19, 0x0D, 0x25, 0x4F, 0xE1, 0x63,
+ 0x63, 0x51, 0x8B, 0x0B, 0x64, 0x3F, 0xAD, 0x43, 0xB8, 0xA5, 0x1C, 0x5C, 0x34,
+ 0xB3, 0xAE, 0x00, 0xA0, 0x63, 0xC5, 0xF6, 0x7F, 0x0B, 0x59, 0x68, 0x78, 0x73,
+ 0xA6, 0x8C, 0x18, 0xA9, 0x02, 0x6D, 0xAF, 0xC3, 0x19, 0x01, 0x2E, 0xB8, 0x10,
+ 0xE3, 0xC6, 0xCC, 0x40, 0xB4, 0x69, 0xA3, 0x46, 0x33, 0x69, 0x87, 0x6E, 0xC4,
+ 0xBB, 0x17, 0xA6, 0xF3, 0xE8, 0xDD, 0xAD, 0x73, 0xBC, 0x7B, 0x2F, 0x21, 0xB5,
+ 0xFD, 0x66, 0x51, 0x0C, 0xBD, 0x54, 0xB3, 0xE1, 0x6D, 0x5F, 0x1C, 0xBC, 0x23,
+ 0x73, 0xD1, 0x09, 0x03, 0x89, 0x14, 0xD2, 0x10, 0xB9, 0x64, 0xC3, 0x2A, 0xD0,
+ 0xA1, 0x96, 0x4A, 0xBC, 0xE1, 0xD4, 0x1A, 0x5B, 0xC7, 0xA0, 0xC0, 0xC1, 0x63,
+ 0x78, 0x0F, 0x44, 0x37, 0x30, 0x32, 0x96, 0x80, 0x32, 0x23, 0x95, 0xA1, 0x77,
+ 0xBA, 0x13, 0xD2, 0x97, 0x73, 0xE2, 0x5D, 0x25, 0xC9, 0x6A, 0x0D, 0xC3, 0x39,
+ 0x60, 0xA4, 0xB4, 0xB0, 0x69, 0x42, 0x42, 0x09, 0xE9, 0xD8, 0x08, 0xBC, 0x33,
+ 0x20, 0xB3, 0x58, 0x22, 0xA7, 0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61, 0x83, 0xC5,
+ 0xD2, 0x96, 0xDF, 0xD9, 0xD0, 0x4F, 0xAD, 0xD7, 0x02, 0x03, 0x01, 0x00, 0x01,
+ 0x02, 0x82, 0x01, 0x01, 0x00, 0x9A, 0xD0, 0x34, 0x0F, 0x52, 0x62, 0x05, 0x50,
+ 0x01, 0xEF, 0x9F, 0xED, 0x64, 0x6E, 0xC2, 0xC4, 0xDA, 0x1A, 0xF2, 0x84, 0xD7,
+ 0x92, 0x10, 0x48, 0x92, 0xC4, 0xE9, 0x6A, 0xEB, 0x8B, 0x75, 0x6C, 0xC6, 0x79,
+ 0x38, 0xF2, 0xC9, 0x72, 0x4A, 0x86, 0x64, 0x54, 0x95, 0x77, 0xCB, 0xC3, 0x9A,
+ 0x9D, 0xB7, 0xD4, 0x1D, 0xA4, 0x00, 0xC8, 0x9E, 0x4E, 0xE4, 0xDD, 0xC7, 0xBA,
+ 0x67, 0x16, 0xC1, 0x74, 0xBC, 0xA9, 0xD6, 0x94, 0x8F, 0x2B, 0x30, 0x1A, 0xFB,
+ 0xED, 0xDF, 0x21, 0x05, 0x23, 0xD9, 0x4A, 0x39, 0xBD, 0x98, 0x6B, 0x65, 0x9A,
+ 0xB8, 0xDC, 0xC4, 0x7D, 0xEE, 0xA6, 0x43, 0x15, 0x2E, 0x3D, 0xBE, 0x1D, 0x22,
+ 0x60, 0x2A, 0x73, 0x30, 0xD5, 0x3E, 0xD8, 0xA2, 0xAC, 0x86, 0x43, 0x2E, 0xC4,
+ 0xF5, 0x64, 0x5E, 0x3F, 0x89, 0x75, 0x0F, 0x11, 0xD8, 0x51, 0x25, 0x4E, 0x9F,
+ 0xD8, 0xAA, 0xA3, 0xCE, 0x60, 0xB3, 0xE2, 0x8A, 0xD9, 0x7E, 0x1B, 0xF0, 0x64,
+ 0xCA, 0x9A, 0x5B, 0x05, 0x0B, 0x5B, 0xAA, 0xCB, 0xE5, 0xE3, 0x3F, 0x6E, 0x32,
+ 0x22, 0x05, 0xF3, 0xD0, 0xFA, 0xEF, 0x74, 0x52, 0x81, 0xE2, 0x5F, 0x74, 0xD3,
+ 0xBD, 0xFF, 0x31, 0x83, 0x45, 0x75, 0xFA, 0x63, 0x7A, 0x97, 0x2E, 0xD6, 0xB6,
+ 0x19, 0xC6, 0x92, 0x26, 0xE4, 0x28, 0x06, 0x50, 0x50, 0x0E, 0x78, 0x2E, 0xA9,
+ 0x78, 0x0D, 0x14, 0x97, 0xB4, 0x12, 0xD8, 0x31, 0x40, 0xAB, 0xA1, 0x01, 0x41,
+ 0xC2, 0x30, 0xF8, 0x07, 0x5F, 0x16, 0xE4, 0x61, 0x77, 0xD2, 0x60, 0xF2, 0x9F,
+ 0x8D, 0xE8, 0xF4, 0xBA, 0xEB, 0x63, 0xDE, 0x2A, 0x97, 0x81, 0xEF, 0x4C, 0x6C,
+ 0xE6, 0x55, 0x34, 0x51, 0x2B, 0x28, 0x34, 0xF4, 0x53, 0x1C, 0xC4, 0x58, 0x0A,
+ 0x3F, 0xBB, 0xAF, 0xB5, 0xF7, 0x4A, 0x85, 0x43, 0x2D, 0x3C, 0xF1, 0x58, 0x58,
+ 0x81, 0x02, 0x81, 0x81, 0x00, 0xF2, 0x2C, 0x54, 0x76, 0x39, 0x23, 0x63, 0xC9,
+ 0x10, 0x32, 0xB7, 0x93, 0xAD, 0xAF, 0xBE, 0x19, 0x75, 0x96, 0x81, 0x64, 0xE6,
+ 0xB5, 0xB8, 0x89, 0x42, 0x41, 0xD1, 0x6D, 0xD0, 0x1C, 0x1B, 0xF8, 0x1B, 0xAC,
+ 0x69, 0xCB, 0x36, 0x3C, 0x64, 0x7D, 0xDC, 0xF4, 0x19, 0xB8, 0xC3, 0x60, 0xB1,
+ 0x57, 0x48, 0x5F, 0x52, 0x4F, 0x59, 0x3A, 0x55, 0x7F, 0x32, 0xC0, 0x19, 0x43,
+ 0x50, 0x3F, 0xAE, 0xCE, 0x6F, 0x17, 0xF3, 0x0E, 0x9F, 0x40, 0xCA, 0x4E, 0xAD,
+ 0x15, 0x3B, 0xC9, 0x79, 0xE9, 0xC0, 0x59, 0x38, 0x73, 0x70, 0x9C, 0x0A, 0x7C,
+ 0xC9, 0x3A, 0x48, 0x32, 0xA7, 0xD8, 0x49, 0x75, 0x0A, 0x85, 0xC2, 0xC2, 0xFD,
+ 0x15, 0x73, 0xDA, 0x99, 0x09, 0x2A, 0x69, 0x9A, 0x9F, 0x0A, 0x71, 0xBF, 0xB0,
+ 0x04, 0xA6, 0x8C, 0x7A, 0x5A, 0x6F, 0x48, 0x5A, 0x54, 0x3B, 0xC6, 0xB1, 0x53,
+ 0x17, 0xDF, 0xE7, 0x02, 0x81, 0x81, 0x00, 0xCB, 0x93, 0xDE, 0x77, 0x15, 0x5D,
+ 0xB7, 0x5C, 0x5C, 0x7C, 0xD8, 0x90, 0xA9, 0x98, 0x2D, 0xD6, 0x69, 0x0E, 0x63,
+ 0xB3, 0xA3, 0xDC, 0xA6, 0xCC, 0x8B, 0x6A, 0xA4, 0xA2, 0x12, 0x8C, 0x8E, 0x7B,
+ 0x48, 0x2C, 0xB2, 0x4B, 0x37, 0xDC, 0x06, 0x18, 0x7D, 0xEA, 0xFE, 0x76, 0xA1,
+ 0xD4, 0xA1, 0xE9, 0x3F, 0x0D, 0xCD, 0x1B, 0x5F, 0xAF, 0x5F, 0x9E, 0x96, 0x5B,
+ 0x5B, 0x0F, 0xA1, 0x7C, 0xAF, 0xB3, 0x9B, 0x90, 0xDB, 0x57, 0x73, 0x3A, 0xED,
+ 0xB0, 0x23, 0x44, 0xAE, 0x41, 0x4F, 0x1F, 0x07, 0x42, 0x13, 0x23, 0x4C, 0xCB,
+ 0xFA, 0xF4, 0x14, 0xA4, 0xD5, 0xF7, 0x9E, 0x36, 0x7C, 0x5B, 0x9F, 0xA8, 0x3C,
+ 0xC1, 0x85, 0x5F, 0x74, 0xD2, 0x39, 0x2D, 0xFF, 0xD0, 0x84, 0xDF, 0xFB, 0xB3,
+ 0x20, 0x7A, 0x2E, 0x9B, 0x17, 0xAE, 0xE6, 0xBA, 0x0B, 0xAE, 0x5F, 0x53, 0xA4,
+ 0x52, 0xED, 0x1B, 0xC4, 0x91, 0x02, 0x81, 0x81, 0x00, 0xEC, 0x98, 0xDA, 0xBB,
+ 0xD5, 0xFE, 0xF9, 0x52, 0x4A, 0x7D, 0x02, 0x55, 0x49, 0x6F, 0x55, 0x6E, 0x52,
+ 0x2F, 0x84, 0xA3, 0x2B, 0xB3, 0x86, 0x62, 0xB3, 0x54, 0xD2, 0x63, 0x52, 0xDA,
+ 0xE3, 0x88, 0x76, 0xA0, 0xEF, 0x8B, 0x15, 0xA5, 0xD3, 0x18, 0x14, 0x72, 0x77,
+ 0x5E, 0xC7, 0xA3, 0x04, 0x1F, 0x9E, 0x19, 0x62, 0xB5, 0x1B, 0x1B, 0x9E, 0xC3,
+ 0xF2, 0xB5, 0x32, 0xF9, 0x4C, 0xC1, 0xAA, 0xEB, 0x0C, 0x26, 0x7D, 0xD4, 0x5F,
+ 0x4A, 0x51, 0x5C, 0xA4, 0x45, 0x06, 0x70, 0x44, 0xA7, 0x56, 0xC0, 0xD4, 0x22,
+ 0x14, 0x76, 0x9E, 0xD8, 0x63, 0x50, 0x89, 0x90, 0xD3, 0xE2, 0xBF, 0x81, 0x95,
+ 0x92, 0x31, 0x41, 0x87, 0x39, 0x1A, 0x43, 0x0B, 0x18, 0xA5, 0x53, 0x1F, 0x39,
+ 0x1A, 0x5F, 0x1F, 0x43, 0xBC, 0x87, 0x6A, 0xDF, 0x6E, 0xD3, 0x22, 0x00, 0xFE,
+ 0x22, 0x98, 0x70, 0x4E, 0x1A, 0x19, 0x29, 0x02, 0x81, 0x81, 0x00, 0x8A, 0x41,
+ 0x56, 0x28, 0x51, 0x9E, 0x5F, 0xD4, 0x9E, 0x0B, 0x3B, 0x98, 0xA3, 0x54, 0xF2,
+ 0x6C, 0x56, 0xD4, 0xAA, 0xE9, 0x69, 0x33, 0x85, 0x24, 0x0C, 0xDA, 0xD4, 0x0C,
+ 0x2D, 0xC4, 0xBF, 0x4F, 0x02, 0x69, 0x38, 0x7C, 0xD4, 0xE6, 0xDC, 0x4C, 0xED,
+ 0xD7, 0x16, 0x11, 0xC3, 0x3E, 0x00, 0xE7, 0xC3, 0x26, 0xC0, 0x51, 0x02, 0xDE,
+ 0xBB, 0x75, 0x9C, 0x6F, 0x56, 0x9C, 0x7A, 0xF3, 0x8E, 0xEF, 0xCF, 0x8A, 0xC5,
+ 0x2B, 0xD2, 0xDA, 0x06, 0x6A, 0x44, 0xC9, 0x73, 0xFE, 0x6E, 0x99, 0x87, 0xF8,
+ 0x5B, 0xBE, 0xF1, 0x7C, 0xE6, 0x65, 0xB5, 0x4F, 0x6C, 0xF0, 0xC9, 0xC5, 0xFF,
+ 0x16, 0xCA, 0x8B, 0x1B, 0x17, 0xE2, 0x58, 0x3D, 0xA2, 0x37, 0xAB, 0x01, 0xBC,
+ 0xBF, 0x40, 0xCE, 0x53, 0x8C, 0x8E, 0xED, 0xEF, 0xEE, 0x59, 0x9D, 0xE0, 0x63,
+ 0xE6, 0x7C, 0x5E, 0xF5, 0x8E, 0x4B, 0xF1, 0x3B, 0xC1, 0x02, 0x81, 0x80, 0x4D,
+ 0x45, 0xF9, 0x40, 0x8C, 0xC5, 0x5B, 0xF4, 0x2A, 0x1A, 0x8A, 0xB4, 0xF2, 0x1C,
+ 0xAC, 0x6B, 0xE9, 0x0C, 0x56, 0x36, 0xB7, 0x4E, 0x72, 0x96, 0xD5, 0xE5, 0x8A,
+ 0xD2, 0xE2, 0xFF, 0xF1, 0xF1, 0x18, 0x13, 0x3D, 0x86, 0x09, 0xB8, 0xD8, 0x76,
+ 0xA7, 0xC9, 0x1C, 0x71, 0x52, 0x94, 0x30, 0x43, 0xE0, 0xF1, 0x78, 0x74, 0xFD,
+ 0x61, 0x1B, 0x4C, 0x09, 0xCC, 0xE6, 0x68, 0x2A, 0x71, 0xAD, 0x1C, 0xDF, 0x43,
+ 0xBC, 0x56, 0xDB, 0xA5, 0xA4, 0xBE, 0x35, 0x70, 0xA4, 0x5E, 0xCF, 0x4F, 0xFC,
+ 0x00, 0x55, 0x99, 0x3A, 0x3D, 0x23, 0xCF, 0x67, 0x5A, 0xF5, 0x22, 0xF8, 0xB5,
+ 0x29, 0xD0, 0x44, 0x11, 0xEB, 0x35, 0x2E, 0x46, 0xBE, 0xFD, 0x8E, 0x18, 0xB2,
+ 0x5F, 0xA8, 0xBF, 0x19, 0x32, 0xA1, 0xF5, 0xDC, 0x03, 0xE6, 0x7C, 0x9A, 0x1F,
+ 0x0C, 0x7C, 0xA9, 0xB0, 0x0E, 0x21, 0x37, 0x3B, 0xF1, 0xB0};
+
+uint8_t rsa_256_keydata[] = {
+ 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
+ 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A,
+ 0x02, 0x82, 0x01, 0x01, 0x00, 0xDB, 0x1C, 0x7F, 0x2E, 0x0B, 0xCD, 0xBF, 0xCE, 0xD1,
+ 0x75, 0x10, 0xA0, 0xA2, 0xB8, 0xCE, 0x7D, 0xAA, 0xE2, 0x05, 0xE0, 0x7A, 0xD8, 0x44,
+ 0x63, 0x8F, 0xB5, 0xBD, 0xC0, 0xB0, 0x19, 0xB9, 0x37, 0xB8, 0x19, 0x4A, 0x0E, 0xF1,
+ 0x5D, 0x74, 0x80, 0x67, 0x46, 0x87, 0x06, 0xDE, 0x5B, 0x7F, 0x06, 0x03, 0xBD, 0xC1,
+ 0x8D, 0x5E, 0x07, 0x15, 0xD4, 0x5B, 0xF4, 0xDC, 0xE5, 0xCF, 0x3D, 0xF9, 0xC1, 0x11,
+ 0x2C, 0xAE, 0x6A, 0xB9, 0x8A, 0xBD, 0x1D, 0x67, 0x66, 0x17, 0xEA, 0x4E, 0xBD, 0xDB,
+ 0x15, 0x9A, 0x82, 0x87, 0xE4, 0xF0, 0x78, 0xC3, 0xA3, 0x85, 0x87, 0xB0, 0xFD, 0x9F,
+ 0xA9, 0x99, 0x5F, 0xE3, 0x33, 0xEC, 0xCC, 0xEA, 0x0B, 0xB5, 0x61, 0x5E, 0xF1, 0x49,
+ 0x7E, 0x3F, 0xA3, 0x2D, 0xEA, 0x01, 0x0C, 0xCC, 0x42, 0x9A, 0x76, 0x9B, 0xC4, 0xD0,
+ 0x37, 0xD3, 0xB1, 0x17, 0x01, 0x61, 0x01, 0x16, 0x59, 0x7E, 0x1C, 0x17, 0xC3, 0x53,
+ 0xFD, 0xD1, 0x72, 0xCB, 0x4C, 0x60, 0x15, 0xDA, 0x7D, 0xE2, 0xEA, 0xAD, 0x50, 0xEF,
+ 0x8E, 0xE2, 0x8B, 0xD4, 0x6A, 0x77, 0x55, 0xD6, 0x70, 0xD9, 0x6B, 0xBB, 0xF1, 0xEE,
+ 0x39, 0x04, 0x38, 0xA3, 0xBD, 0xE2, 0xD1, 0xE0, 0x66, 0x6B, 0xE2, 0x9C, 0x47, 0x99,
+ 0xE9, 0x28, 0xE6, 0xB6, 0xFC, 0x2E, 0xCA, 0x67, 0x43, 0x84, 0xE8, 0xD5, 0x83, 0xD6,
+ 0x9D, 0x98, 0x6B, 0x01, 0x3E, 0x81, 0xDC, 0x3C, 0x7A, 0xCA, 0xF9, 0xF3, 0x9C, 0xF7,
+ 0xD6, 0x28, 0x1B, 0x27, 0x78, 0x7C, 0xC3, 0xD0, 0xD5, 0x63, 0xA7, 0x81, 0x34, 0x89,
+ 0xAD, 0x25, 0x6A, 0xBD, 0xF2, 0xEA, 0xED, 0xFA, 0x57, 0xFC, 0xE5, 0x34, 0xC6, 0xC1,
+ 0x0F, 0x71, 0x2D, 0xD2, 0x08, 0x10, 0x1B, 0xAD, 0x44, 0x41, 0xE0, 0xFE, 0x79, 0xA0,
+ 0x63, 0x93, 0x8A, 0xB1, 0x5D, 0xE9, 0xB0, 0xEE, 0x6F, 0x02, 0x03, 0x01, 0x00, 0x01};
+
+uint8_t ec_keydata[] = {
+ 0x30, 0x49, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06,
+ 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x01, 0x03, 0x32, 0x00, 0x04, 0xBC,
+ 0x79, 0x7D, 0xB3, 0xAE, 0x7F, 0x08, 0xEC, 0x3D, 0x49, 0x6B, 0x4F, 0xB4, 0x11, 0xB3,
+ 0xF6, 0x20, 0xA5, 0x58, 0xA5, 0x01, 0xE0, 0x22, 0x2D, 0x08, 0xCF, 0xE0, 0xDC, 0x8A,
+ 0xEC, 0x8B, 0x1A, 0x7B, 0xF2, 0x4B, 0xE9, 0x29, 0x51, 0xCC, 0x5B, 0xA1, 0xBE, 0xBB,
+ 0x24, 0x74, 0x90, 0x9A, 0xE0};
+
+uint8_t ec_keypair[] = {
+ 0x30, 0x5F, 0x02, 0x01, 0x01, 0x04, 0x18, 0x33, 0x8E, 0x86, 0xA8, 0x81, 0xE2, 0x38,
+ 0xF5, 0x49, 0xBD, 0x6F, 0x05, 0x53, 0x49, 0x4B, 0x73, 0xE3, 0xD6, 0x11, 0x30, 0xFD,
+ 0xC6, 0xC9, 0x6D, 0xA0, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01,
+ 0x01, 0xA1, 0x34, 0x03, 0x32, 0x00, 0x04, 0x51, 0x75, 0xBC, 0xDF, 0x30, 0xA3, 0x70,
+ 0xF3, 0x9D, 0x53, 0x93, 0xE6, 0x12, 0x72, 0x88, 0xD8, 0x01, 0x67, 0xB5, 0xF4, 0xB4,
+ 0xB7, 0x76, 0xC6, 0x74, 0xF7, 0xC6, 0xF3, 0x54, 0xB7, 0xD2, 0x24, 0x06, 0x2C, 0x1F,
+ 0x68, 0x54, 0xB5, 0xA7, 0xAF, 0x0F, 0xE5, 0x78, 0xEA, 0xF2, 0x58, 0xF0, 0x27};
+
+test_data check1[] = {
+{"Test psa_set_key_policy 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_set_key_policy 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
+{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
+ 0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9},
+ AES_24B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_set_key_policy 32 Byte AES\n", 3, PSA_KEY_TYPE_AES,
+{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
+ 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
+ 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
+ AES_32B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(AES_32B_KEY_SIZE), AES_32B_KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_set_key_policy 2048 RSA public key\n", 4, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+ {0},
+ 294, PSA_KEY_USAGE_SIGN, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ 2048, 294, PSA_SUCCESS
+},
+
+{"Test psa_set_key_policy with RSA 2048 keypair\n", 5, PSA_KEY_TYPE_RSA_KEYPAIR,
+ {0},
+ 1193, PSA_KEY_USAGE_VERIFY, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ 2048, 1193, PSA_SUCCESS
+},
+
+{"Test psa_set_key_policy with DES 64 bit key\n", 6, PSA_KEY_TYPE_DES,
+ {0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
+ DES_8B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(DES_8B_KEY_SIZE), DES_8B_KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_set_key_policy with Triple DES 2-Key\n", 7, PSA_KEY_TYPE_DES,
+{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+ DES3_2KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(DES3_2KEY_SIZE), DES3_2KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_set_key_policy with Triple DES 3-Key\n", 8, PSA_KEY_TYPE_DES,
+{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
+ 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
+ DES3_3KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(DES3_3KEY_SIZE), DES3_3KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_set_key_policy with EC Public key\n", 9,
+ PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | PSA_ECC_CURVE_SECP192R1,
+ {0},
+ 75, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ 192, 75, PSA_SUCCESS
+},
+
+{"Test psa_set_key_policy with EC keypair\n", 10,
+ PSA_KEY_TYPE_ECC_KEYPAIR_BASE | PSA_ECC_CURVE_SECP192R1,
+ {0},
+ 97, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ 192, 97, PSA_SUCCESS
+},
+};
+
+
+test_data check2[] = {
+{"Test psa_set_key_policy with already occupied key slot\n", 1, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_OCCUPIED_SLOT
+},
+
+{"Test psa_set_key_policy with invalid key slot\n", INVALID_KEY_SLOT, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_set_key_policy with zero key slot\n", ZERO_KEY_SLOT, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_set_key_policy with invalid usage\n", 13, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+AES_16B_KEY_SIZE, PSA_KEY_USAGE_INVALID, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+},
+};
diff --git a/psa-ff/test_suites/crypto/test_c007/test_entry.c b/psa-ff/test_suites/crypto/test_c007/test_entry.c
new file mode 100644
index 0000000..2a11f27
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c007/test_entry.c
@@ -0,0 +1,69 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c007.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 7)
+#define TEST_DESC "Testing crypto key management APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t i, status = VAL_STATUS_SUCCESS;
+ bool_t destroy_status = TRUE;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c007_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->print(PRINT_DEBUG, "\tPSA destroy all the key slot\n", 0);
+ for (i = 1; i <= MAX_KEY_SLOT; i++)
+ {
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, i);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA destroy key failed for slot number: %d\n", i);
+ destroy_status = FALSE;
+ }
+ }
+
+ if (destroy_status)
+ {
+ val->print(PRINT_DEBUG, "\tPSA all the key slot successfully destroyed\n", 0);
+ }
+
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/crypto/test_c008/source.mk b/psa-ff/test_suites/crypto/test_c008/source.mk
new file mode 100644
index 0000000..3bc136e
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c008/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c008.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/crypto/test_c008/test_c008.c b/psa-ff/test_suites/crypto/test_c008/test_c008.c
new file mode 100644
index 0000000..247a826
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c008/test_c008.c
@@ -0,0 +1,186 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_c008.h"
+#include "test_data.h"
+#include "val_crypto.h"
+
+client_test_t test_c008_crypto_list[] = {
+ NULL,
+ psa_get_key_policy_test,
+ psa_get_key_policy_negative_test,
+ NULL,
+};
+
+int g_test_count;
+
+int32_t psa_get_key_policy_test(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ uint8_t *key_data;
+ psa_key_policy_t policy, expected_policy;
+ psa_key_usage_t expected_usage;
+ psa_algorithm_t expected_alg;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ uint32_t i;
+
+ g_test_count = 1;
+
+ /* Initialize the PSA crypto library*/
+ if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_INIT_FAILED;
+ }
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Set the key data buffer to the input base on algorithm */
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+ if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
+ {
+ if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keypair;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keypair;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ else
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keydata;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keydata;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ }
+ else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
+ {
+ if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
+ key_data = ec_keypair;
+ else
+ key_data = ec_keydata;
+ }
+ else
+ key_data = check1[i].key_data;
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_slot, &policy);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA set key policy failed\n", 0);
+ return status;
+ }
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_slot, check1[i].key_type,
+ key_data, check1[i].key_length);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA import key failed\n", 0);
+ return status;
+ }
+
+ /* Get the usage policy for a key slot */
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_POLICY, check1[i].key_slot,
+ &expected_policy);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA get key policy failed\n", 0);
+ return status;
+ }
+
+ if ((expected_policy.usage != check1[i].usage) ||
+ (expected_policy.alg != check1[i].key_alg))
+ {
+ val->print(PRINT_ERROR, "\tPolicy data Mismatch\n", 0);
+ return VAL_STATUS_DATA_MISMATCH;
+ }
+
+ /* Retrieve the usage field of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_GET_USAGE, &policy, &expected_usage);
+
+ /* Retrieve the algorithm field of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_GET_ALGORITHM, &policy, &expected_alg);
+
+ if ((expected_usage != check1[i].usage) ||
+ (expected_alg != check1[i].key_alg))
+ {
+ val->print(PRINT_ERROR, "\tPolicy data Mismatch\n", 0);
+ return VAL_STATUS_DATA_MISMATCH;
+ }
+
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_get_key_policy_negative_test(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ int num_checks = sizeof(check2)/sizeof(check2[0]);
+ uint32_t i;
+ psa_key_policy_t policy;
+
+ /* Initialize the PSA crypto library*/
+ if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_INIT_FAILED;
+ }
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check2[i].test_desc, 0);
+
+ /* Get the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_POLICY, check2[i].key_slot, &policy);
+ if (status != check2[i].expected_status)
+ {
+ val->print(PRINT_ERROR, "\tPSA get key policy should have failed but succeeded\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/psa-ff/test_suites/crypto/test_c008/test_c008.h b/psa-ff/test_suites/crypto/test_c008/test_c008.h
new file mode 100644
index 0000000..8a6c12e
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c008/test_c008.h
@@ -0,0 +1,34 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C008_CLIENT_TESTS_H_
+#define _TEST_C008_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+#include "val_crypto.h"
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c008_crypto_list[];
+
+int32_t psa_get_key_policy_test(security_t caller);
+int32_t psa_get_key_policy_negative_test(security_t caller);
+#endif /* _TEST_C008_CLIENT_TESTS_H_ */
diff --git a/psa-ff/test_suites/crypto/test_c008/test_data.h b/psa-ff/test_suites/crypto/test_c008/test_data.h
new file mode 100644
index 0000000..eeec029
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c008/test_data.h
@@ -0,0 +1,256 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_slot_t key_slot;
+ psa_key_type_t key_type;
+ uint8_t key_data[34];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ uint32_t expected_bit_length;
+ uint32_t expected_key_length;
+ psa_status_t expected_status;
+} test_data;
+
+uint8_t rsa_384_keypair[1];
+uint8_t rsa_384_keydata[1];
+
+uint8_t rsa_256_keypair[] = {
+ 0x30, 0x82, 0x04, 0xA5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC0,
+ 0x95, 0x08, 0xE1, 0x57, 0x41, 0xF2, 0x71, 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27,
+ 0x01, 0x65, 0xC6, 0x45, 0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, 0x2F,
+ 0x4E, 0xD6, 0xF6, 0x1C, 0x88, 0xBC, 0x7C, 0x9F, 0xFB, 0xA8, 0x67, 0x7F, 0xFE,
+ 0x5C, 0x9C, 0x51, 0x75, 0xF7, 0x8A, 0xCA, 0x07, 0xE7, 0x35, 0x2F, 0x8F, 0xE1,
+ 0xBD, 0x7B, 0xC0, 0x2F, 0x7C, 0xAB, 0x64, 0xA8, 0x17, 0xFC, 0xCA, 0x5D, 0x7B,
+ 0xBA, 0xE0, 0x21, 0xE5, 0x72, 0x2E, 0x6F, 0x2E, 0x86, 0xD8, 0x95, 0x73, 0xDA,
+ 0xAC, 0x1B, 0x53, 0xB9, 0x5F, 0x3F, 0xD7, 0x19, 0x0D, 0x25, 0x4F, 0xE1, 0x63,
+ 0x63, 0x51, 0x8B, 0x0B, 0x64, 0x3F, 0xAD, 0x43, 0xB8, 0xA5, 0x1C, 0x5C, 0x34,
+ 0xB3, 0xAE, 0x00, 0xA0, 0x63, 0xC5, 0xF6, 0x7F, 0x0B, 0x59, 0x68, 0x78, 0x73,
+ 0xA6, 0x8C, 0x18, 0xA9, 0x02, 0x6D, 0xAF, 0xC3, 0x19, 0x01, 0x2E, 0xB8, 0x10,
+ 0xE3, 0xC6, 0xCC, 0x40, 0xB4, 0x69, 0xA3, 0x46, 0x33, 0x69, 0x87, 0x6E, 0xC4,
+ 0xBB, 0x17, 0xA6, 0xF3, 0xE8, 0xDD, 0xAD, 0x73, 0xBC, 0x7B, 0x2F, 0x21, 0xB5,
+ 0xFD, 0x66, 0x51, 0x0C, 0xBD, 0x54, 0xB3, 0xE1, 0x6D, 0x5F, 0x1C, 0xBC, 0x23,
+ 0x73, 0xD1, 0x09, 0x03, 0x89, 0x14, 0xD2, 0x10, 0xB9, 0x64, 0xC3, 0x2A, 0xD0,
+ 0xA1, 0x96, 0x4A, 0xBC, 0xE1, 0xD4, 0x1A, 0x5B, 0xC7, 0xA0, 0xC0, 0xC1, 0x63,
+ 0x78, 0x0F, 0x44, 0x37, 0x30, 0x32, 0x96, 0x80, 0x32, 0x23, 0x95, 0xA1, 0x77,
+ 0xBA, 0x13, 0xD2, 0x97, 0x73, 0xE2, 0x5D, 0x25, 0xC9, 0x6A, 0x0D, 0xC3, 0x39,
+ 0x60, 0xA4, 0xB4, 0xB0, 0x69, 0x42, 0x42, 0x09, 0xE9, 0xD8, 0x08, 0xBC, 0x33,
+ 0x20, 0xB3, 0x58, 0x22, 0xA7, 0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61, 0x83, 0xC5,
+ 0xD2, 0x96, 0xDF, 0xD9, 0xD0, 0x4F, 0xAD, 0xD7, 0x02, 0x03, 0x01, 0x00, 0x01,
+ 0x02, 0x82, 0x01, 0x01, 0x00, 0x9A, 0xD0, 0x34, 0x0F, 0x52, 0x62, 0x05, 0x50,
+ 0x01, 0xEF, 0x9F, 0xED, 0x64, 0x6E, 0xC2, 0xC4, 0xDA, 0x1A, 0xF2, 0x84, 0xD7,
+ 0x92, 0x10, 0x48, 0x92, 0xC4, 0xE9, 0x6A, 0xEB, 0x8B, 0x75, 0x6C, 0xC6, 0x79,
+ 0x38, 0xF2, 0xC9, 0x72, 0x4A, 0x86, 0x64, 0x54, 0x95, 0x77, 0xCB, 0xC3, 0x9A,
+ 0x9D, 0xB7, 0xD4, 0x1D, 0xA4, 0x00, 0xC8, 0x9E, 0x4E, 0xE4, 0xDD, 0xC7, 0xBA,
+ 0x67, 0x16, 0xC1, 0x74, 0xBC, 0xA9, 0xD6, 0x94, 0x8F, 0x2B, 0x30, 0x1A, 0xFB,
+ 0xED, 0xDF, 0x21, 0x05, 0x23, 0xD9, 0x4A, 0x39, 0xBD, 0x98, 0x6B, 0x65, 0x9A,
+ 0xB8, 0xDC, 0xC4, 0x7D, 0xEE, 0xA6, 0x43, 0x15, 0x2E, 0x3D, 0xBE, 0x1D, 0x22,
+ 0x60, 0x2A, 0x73, 0x30, 0xD5, 0x3E, 0xD8, 0xA2, 0xAC, 0x86, 0x43, 0x2E, 0xC4,
+ 0xF5, 0x64, 0x5E, 0x3F, 0x89, 0x75, 0x0F, 0x11, 0xD8, 0x51, 0x25, 0x4E, 0x9F,
+ 0xD8, 0xAA, 0xA3, 0xCE, 0x60, 0xB3, 0xE2, 0x8A, 0xD9, 0x7E, 0x1B, 0xF0, 0x64,
+ 0xCA, 0x9A, 0x5B, 0x05, 0x0B, 0x5B, 0xAA, 0xCB, 0xE5, 0xE3, 0x3F, 0x6E, 0x32,
+ 0x22, 0x05, 0xF3, 0xD0, 0xFA, 0xEF, 0x74, 0x52, 0x81, 0xE2, 0x5F, 0x74, 0xD3,
+ 0xBD, 0xFF, 0x31, 0x83, 0x45, 0x75, 0xFA, 0x63, 0x7A, 0x97, 0x2E, 0xD6, 0xB6,
+ 0x19, 0xC6, 0x92, 0x26, 0xE4, 0x28, 0x06, 0x50, 0x50, 0x0E, 0x78, 0x2E, 0xA9,
+ 0x78, 0x0D, 0x14, 0x97, 0xB4, 0x12, 0xD8, 0x31, 0x40, 0xAB, 0xA1, 0x01, 0x41,
+ 0xC2, 0x30, 0xF8, 0x07, 0x5F, 0x16, 0xE4, 0x61, 0x77, 0xD2, 0x60, 0xF2, 0x9F,
+ 0x8D, 0xE8, 0xF4, 0xBA, 0xEB, 0x63, 0xDE, 0x2A, 0x97, 0x81, 0xEF, 0x4C, 0x6C,
+ 0xE6, 0x55, 0x34, 0x51, 0x2B, 0x28, 0x34, 0xF4, 0x53, 0x1C, 0xC4, 0x58, 0x0A,
+ 0x3F, 0xBB, 0xAF, 0xB5, 0xF7, 0x4A, 0x85, 0x43, 0x2D, 0x3C, 0xF1, 0x58, 0x58,
+ 0x81, 0x02, 0x81, 0x81, 0x00, 0xF2, 0x2C, 0x54, 0x76, 0x39, 0x23, 0x63, 0xC9,
+ 0x10, 0x32, 0xB7, 0x93, 0xAD, 0xAF, 0xBE, 0x19, 0x75, 0x96, 0x81, 0x64, 0xE6,
+ 0xB5, 0xB8, 0x89, 0x42, 0x41, 0xD1, 0x6D, 0xD0, 0x1C, 0x1B, 0xF8, 0x1B, 0xAC,
+ 0x69, 0xCB, 0x36, 0x3C, 0x64, 0x7D, 0xDC, 0xF4, 0x19, 0xB8, 0xC3, 0x60, 0xB1,
+ 0x57, 0x48, 0x5F, 0x52, 0x4F, 0x59, 0x3A, 0x55, 0x7F, 0x32, 0xC0, 0x19, 0x43,
+ 0x50, 0x3F, 0xAE, 0xCE, 0x6F, 0x17, 0xF3, 0x0E, 0x9F, 0x40, 0xCA, 0x4E, 0xAD,
+ 0x15, 0x3B, 0xC9, 0x79, 0xE9, 0xC0, 0x59, 0x38, 0x73, 0x70, 0x9C, 0x0A, 0x7C,
+ 0xC9, 0x3A, 0x48, 0x32, 0xA7, 0xD8, 0x49, 0x75, 0x0A, 0x85, 0xC2, 0xC2, 0xFD,
+ 0x15, 0x73, 0xDA, 0x99, 0x09, 0x2A, 0x69, 0x9A, 0x9F, 0x0A, 0x71, 0xBF, 0xB0,
+ 0x04, 0xA6, 0x8C, 0x7A, 0x5A, 0x6F, 0x48, 0x5A, 0x54, 0x3B, 0xC6, 0xB1, 0x53,
+ 0x17, 0xDF, 0xE7, 0x02, 0x81, 0x81, 0x00, 0xCB, 0x93, 0xDE, 0x77, 0x15, 0x5D,
+ 0xB7, 0x5C, 0x5C, 0x7C, 0xD8, 0x90, 0xA9, 0x98, 0x2D, 0xD6, 0x69, 0x0E, 0x63,
+ 0xB3, 0xA3, 0xDC, 0xA6, 0xCC, 0x8B, 0x6A, 0xA4, 0xA2, 0x12, 0x8C, 0x8E, 0x7B,
+ 0x48, 0x2C, 0xB2, 0x4B, 0x37, 0xDC, 0x06, 0x18, 0x7D, 0xEA, 0xFE, 0x76, 0xA1,
+ 0xD4, 0xA1, 0xE9, 0x3F, 0x0D, 0xCD, 0x1B, 0x5F, 0xAF, 0x5F, 0x9E, 0x96, 0x5B,
+ 0x5B, 0x0F, 0xA1, 0x7C, 0xAF, 0xB3, 0x9B, 0x90, 0xDB, 0x57, 0x73, 0x3A, 0xED,
+ 0xB0, 0x23, 0x44, 0xAE, 0x41, 0x4F, 0x1F, 0x07, 0x42, 0x13, 0x23, 0x4C, 0xCB,
+ 0xFA, 0xF4, 0x14, 0xA4, 0xD5, 0xF7, 0x9E, 0x36, 0x7C, 0x5B, 0x9F, 0xA8, 0x3C,
+ 0xC1, 0x85, 0x5F, 0x74, 0xD2, 0x39, 0x2D, 0xFF, 0xD0, 0x84, 0xDF, 0xFB, 0xB3,
+ 0x20, 0x7A, 0x2E, 0x9B, 0x17, 0xAE, 0xE6, 0xBA, 0x0B, 0xAE, 0x5F, 0x53, 0xA4,
+ 0x52, 0xED, 0x1B, 0xC4, 0x91, 0x02, 0x81, 0x81, 0x00, 0xEC, 0x98, 0xDA, 0xBB,
+ 0xD5, 0xFE, 0xF9, 0x52, 0x4A, 0x7D, 0x02, 0x55, 0x49, 0x6F, 0x55, 0x6E, 0x52,
+ 0x2F, 0x84, 0xA3, 0x2B, 0xB3, 0x86, 0x62, 0xB3, 0x54, 0xD2, 0x63, 0x52, 0xDA,
+ 0xE3, 0x88, 0x76, 0xA0, 0xEF, 0x8B, 0x15, 0xA5, 0xD3, 0x18, 0x14, 0x72, 0x77,
+ 0x5E, 0xC7, 0xA3, 0x04, 0x1F, 0x9E, 0x19, 0x62, 0xB5, 0x1B, 0x1B, 0x9E, 0xC3,
+ 0xF2, 0xB5, 0x32, 0xF9, 0x4C, 0xC1, 0xAA, 0xEB, 0x0C, 0x26, 0x7D, 0xD4, 0x5F,
+ 0x4A, 0x51, 0x5C, 0xA4, 0x45, 0x06, 0x70, 0x44, 0xA7, 0x56, 0xC0, 0xD4, 0x22,
+ 0x14, 0x76, 0x9E, 0xD8, 0x63, 0x50, 0x89, 0x90, 0xD3, 0xE2, 0xBF, 0x81, 0x95,
+ 0x92, 0x31, 0x41, 0x87, 0x39, 0x1A, 0x43, 0x0B, 0x18, 0xA5, 0x53, 0x1F, 0x39,
+ 0x1A, 0x5F, 0x1F, 0x43, 0xBC, 0x87, 0x6A, 0xDF, 0x6E, 0xD3, 0x22, 0x00, 0xFE,
+ 0x22, 0x98, 0x70, 0x4E, 0x1A, 0x19, 0x29, 0x02, 0x81, 0x81, 0x00, 0x8A, 0x41,
+ 0x56, 0x28, 0x51, 0x9E, 0x5F, 0xD4, 0x9E, 0x0B, 0x3B, 0x98, 0xA3, 0x54, 0xF2,
+ 0x6C, 0x56, 0xD4, 0xAA, 0xE9, 0x69, 0x33, 0x85, 0x24, 0x0C, 0xDA, 0xD4, 0x0C,
+ 0x2D, 0xC4, 0xBF, 0x4F, 0x02, 0x69, 0x38, 0x7C, 0xD4, 0xE6, 0xDC, 0x4C, 0xED,
+ 0xD7, 0x16, 0x11, 0xC3, 0x3E, 0x00, 0xE7, 0xC3, 0x26, 0xC0, 0x51, 0x02, 0xDE,
+ 0xBB, 0x75, 0x9C, 0x6F, 0x56, 0x9C, 0x7A, 0xF3, 0x8E, 0xEF, 0xCF, 0x8A, 0xC5,
+ 0x2B, 0xD2, 0xDA, 0x06, 0x6A, 0x44, 0xC9, 0x73, 0xFE, 0x6E, 0x99, 0x87, 0xF8,
+ 0x5B, 0xBE, 0xF1, 0x7C, 0xE6, 0x65, 0xB5, 0x4F, 0x6C, 0xF0, 0xC9, 0xC5, 0xFF,
+ 0x16, 0xCA, 0x8B, 0x1B, 0x17, 0xE2, 0x58, 0x3D, 0xA2, 0x37, 0xAB, 0x01, 0xBC,
+ 0xBF, 0x40, 0xCE, 0x53, 0x8C, 0x8E, 0xED, 0xEF, 0xEE, 0x59, 0x9D, 0xE0, 0x63,
+ 0xE6, 0x7C, 0x5E, 0xF5, 0x8E, 0x4B, 0xF1, 0x3B, 0xC1, 0x02, 0x81, 0x80, 0x4D,
+ 0x45, 0xF9, 0x40, 0x8C, 0xC5, 0x5B, 0xF4, 0x2A, 0x1A, 0x8A, 0xB4, 0xF2, 0x1C,
+ 0xAC, 0x6B, 0xE9, 0x0C, 0x56, 0x36, 0xB7, 0x4E, 0x72, 0x96, 0xD5, 0xE5, 0x8A,
+ 0xD2, 0xE2, 0xFF, 0xF1, 0xF1, 0x18, 0x13, 0x3D, 0x86, 0x09, 0xB8, 0xD8, 0x76,
+ 0xA7, 0xC9, 0x1C, 0x71, 0x52, 0x94, 0x30, 0x43, 0xE0, 0xF1, 0x78, 0x74, 0xFD,
+ 0x61, 0x1B, 0x4C, 0x09, 0xCC, 0xE6, 0x68, 0x2A, 0x71, 0xAD, 0x1C, 0xDF, 0x43,
+ 0xBC, 0x56, 0xDB, 0xA5, 0xA4, 0xBE, 0x35, 0x70, 0xA4, 0x5E, 0xCF, 0x4F, 0xFC,
+ 0x00, 0x55, 0x99, 0x3A, 0x3D, 0x23, 0xCF, 0x67, 0x5A, 0xF5, 0x22, 0xF8, 0xB5,
+ 0x29, 0xD0, 0x44, 0x11, 0xEB, 0x35, 0x2E, 0x46, 0xBE, 0xFD, 0x8E, 0x18, 0xB2,
+ 0x5F, 0xA8, 0xBF, 0x19, 0x32, 0xA1, 0xF5, 0xDC, 0x03, 0xE6, 0x7C, 0x9A, 0x1F,
+ 0x0C, 0x7C, 0xA9, 0xB0, 0x0E, 0x21, 0x37, 0x3B, 0xF1, 0xB0};
+
+uint8_t rsa_256_keydata[] = {
+ 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
+ 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A,
+ 0x02, 0x82, 0x01, 0x01, 0x00, 0xDB, 0x1C, 0x7F, 0x2E, 0x0B, 0xCD, 0xBF, 0xCE, 0xD1,
+ 0x75, 0x10, 0xA0, 0xA2, 0xB8, 0xCE, 0x7D, 0xAA, 0xE2, 0x05, 0xE0, 0x7A, 0xD8, 0x44,
+ 0x63, 0x8F, 0xB5, 0xBD, 0xC0, 0xB0, 0x19, 0xB9, 0x37, 0xB8, 0x19, 0x4A, 0x0E, 0xF1,
+ 0x5D, 0x74, 0x80, 0x67, 0x46, 0x87, 0x06, 0xDE, 0x5B, 0x7F, 0x06, 0x03, 0xBD, 0xC1,
+ 0x8D, 0x5E, 0x07, 0x15, 0xD4, 0x5B, 0xF4, 0xDC, 0xE5, 0xCF, 0x3D, 0xF9, 0xC1, 0x11,
+ 0x2C, 0xAE, 0x6A, 0xB9, 0x8A, 0xBD, 0x1D, 0x67, 0x66, 0x17, 0xEA, 0x4E, 0xBD, 0xDB,
+ 0x15, 0x9A, 0x82, 0x87, 0xE4, 0xF0, 0x78, 0xC3, 0xA3, 0x85, 0x87, 0xB0, 0xFD, 0x9F,
+ 0xA9, 0x99, 0x5F, 0xE3, 0x33, 0xEC, 0xCC, 0xEA, 0x0B, 0xB5, 0x61, 0x5E, 0xF1, 0x49,
+ 0x7E, 0x3F, 0xA3, 0x2D, 0xEA, 0x01, 0x0C, 0xCC, 0x42, 0x9A, 0x76, 0x9B, 0xC4, 0xD0,
+ 0x37, 0xD3, 0xB1, 0x17, 0x01, 0x61, 0x01, 0x16, 0x59, 0x7E, 0x1C, 0x17, 0xC3, 0x53,
+ 0xFD, 0xD1, 0x72, 0xCB, 0x4C, 0x60, 0x15, 0xDA, 0x7D, 0xE2, 0xEA, 0xAD, 0x50, 0xEF,
+ 0x8E, 0xE2, 0x8B, 0xD4, 0x6A, 0x77, 0x55, 0xD6, 0x70, 0xD9, 0x6B, 0xBB, 0xF1, 0xEE,
+ 0x39, 0x04, 0x38, 0xA3, 0xBD, 0xE2, 0xD1, 0xE0, 0x66, 0x6B, 0xE2, 0x9C, 0x47, 0x99,
+ 0xE9, 0x28, 0xE6, 0xB6, 0xFC, 0x2E, 0xCA, 0x67, 0x43, 0x84, 0xE8, 0xD5, 0x83, 0xD6,
+ 0x9D, 0x98, 0x6B, 0x01, 0x3E, 0x81, 0xDC, 0x3C, 0x7A, 0xCA, 0xF9, 0xF3, 0x9C, 0xF7,
+ 0xD6, 0x28, 0x1B, 0x27, 0x78, 0x7C, 0xC3, 0xD0, 0xD5, 0x63, 0xA7, 0x81, 0x34, 0x89,
+ 0xAD, 0x25, 0x6A, 0xBD, 0xF2, 0xEA, 0xED, 0xFA, 0x57, 0xFC, 0xE5, 0x34, 0xC6, 0xC1,
+ 0x0F, 0x71, 0x2D, 0xD2, 0x08, 0x10, 0x1B, 0xAD, 0x44, 0x41, 0xE0, 0xFE, 0x79, 0xA0,
+ 0x63, 0x93, 0x8A, 0xB1, 0x5D, 0xE9, 0xB0, 0xEE, 0x6F, 0x02, 0x03, 0x01, 0x00, 0x01};
+
+uint8_t ec_keydata[] = {
+ 0x30, 0x49, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06,
+ 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x01, 0x03, 0x32, 0x00, 0x04, 0xBC,
+ 0x79, 0x7D, 0xB3, 0xAE, 0x7F, 0x08, 0xEC, 0x3D, 0x49, 0x6B, 0x4F, 0xB4, 0x11, 0xB3,
+ 0xF6, 0x20, 0xA5, 0x58, 0xA5, 0x01, 0xE0, 0x22, 0x2D, 0x08, 0xCF, 0xE0, 0xDC, 0x8A,
+ 0xEC, 0x8B, 0x1A, 0x7B, 0xF2, 0x4B, 0xE9, 0x29, 0x51, 0xCC, 0x5B, 0xA1, 0xBE, 0xBB,
+ 0x24, 0x74, 0x90, 0x9A, 0xE0};
+
+uint8_t ec_keypair[] = {
+ 0x30, 0x5F, 0x02, 0x01, 0x01, 0x04, 0x18, 0x33, 0x8E, 0x86, 0xA8, 0x81, 0xE2, 0x38,
+ 0xF5, 0x49, 0xBD, 0x6F, 0x05, 0x53, 0x49, 0x4B, 0x73, 0xE3, 0xD6, 0x11, 0x30, 0xFD,
+ 0xC6, 0xC9, 0x6D, 0xA0, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01,
+ 0x01, 0xA1, 0x34, 0x03, 0x32, 0x00, 0x04, 0x51, 0x75, 0xBC, 0xDF, 0x30, 0xA3, 0x70,
+ 0xF3, 0x9D, 0x53, 0x93, 0xE6, 0x12, 0x72, 0x88, 0xD8, 0x01, 0x67, 0xB5, 0xF4, 0xB4,
+ 0xB7, 0x76, 0xC6, 0x74, 0xF7, 0xC6, 0xF3, 0x54, 0xB7, 0xD2, 0x24, 0x06, 0x2C, 0x1F,
+ 0x68, 0x54, 0xB5, 0xA7, 0xAF, 0x0F, 0xE5, 0x78, 0xEA, 0xF2, 0x58, 0xF0, 0x27};
+
+test_data check1[] = {
+{"Test psa_get_key_policy 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_get_key_policy 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
+{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
+ 0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9},
+ AES_24B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_get_key_policy 32 Byte AES\n", 3, PSA_KEY_TYPE_AES,
+{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
+ 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
+ 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
+ AES_32B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(AES_32B_KEY_SIZE), AES_32B_KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_get_key_policy 2048 RSA public key\n", 4, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+ {0},
+ 294, PSA_KEY_USAGE_SIGN, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ 2048, 294, PSA_SUCCESS
+},
+
+{"Test psa_get_key_policy with RSA 2048 keypair\n", 5, PSA_KEY_TYPE_RSA_KEYPAIR,
+ {0},
+ 1193, PSA_KEY_USAGE_VERIFY, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ 2048, 1193, PSA_SUCCESS
+},
+
+{"Test psa_get_key_policy with DES 64 bit key\n", 6, PSA_KEY_TYPE_DES,
+ {0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
+ DES_8B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(DES_8B_KEY_SIZE), DES_8B_KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_get_key_policy with Triple DES 2-Key\n", 7, PSA_KEY_TYPE_DES,
+{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+ DES3_2KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(DES3_2KEY_SIZE), DES3_2KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_get_key_policy with Triple DES 3-Key\n", 8, PSA_KEY_TYPE_DES,
+{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
+ 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
+ DES3_3KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ BYTES_TO_BITS(DES3_3KEY_SIZE), DES3_3KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_get_key_policy with EC Public key\n", 9,
+ PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | PSA_ECC_CURVE_SECP192R1,
+ {0},
+ 75, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ 192, 75, PSA_SUCCESS
+},
+
+{"Test psa_get_key_policy with EC keypair\n", 10,
+ PSA_KEY_TYPE_ECC_KEYPAIR_BASE | PSA_ECC_CURVE_SECP192R1,
+ {0},
+ 97, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ 192, 97, PSA_SUCCESS
+},
+};
+
+
+test_data check2[] = {
+{"Test psa_get_key_policy with invalid key slot\n", INVALID_KEY_SLOT, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_get_key_policy with zero key slot\n", ZERO_KEY_SLOT, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+},
+};
diff --git a/psa-ff/test_suites/crypto/test_c008/test_entry.c b/psa-ff/test_suites/crypto/test_c008/test_entry.c
new file mode 100644
index 0000000..c03c24b
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c008/test_entry.c
@@ -0,0 +1,69 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c008.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 8)
+#define TEST_DESC "Testing crypto key management APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t i, status = VAL_STATUS_SUCCESS;
+ bool_t destroy_status = TRUE;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c008_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->print(PRINT_DEBUG, "\tPSA destroy all the key slot\n", 0);
+ for (i = 1; i <= MAX_KEY_SLOT; i++)
+ {
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, i);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA destroy key failed for slot number: %d\n", i);
+ destroy_status = FALSE;
+ }
+ }
+
+ if (destroy_status)
+ {
+ val->print(PRINT_DEBUG, "\tPSA all the key slot successfully destroyed\n", 0);
+ }
+
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/crypto/test_c009/source.mk b/psa-ff/test_suites/crypto/test_c009/source.mk
new file mode 100644
index 0000000..e5f4c6f
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c009/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c009.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/crypto/test_c009/test_c009.c b/psa-ff/test_suites/crypto/test_c009/test_c009.c
new file mode 100644
index 0000000..18297ad
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c009/test_c009.c
@@ -0,0 +1,276 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_c009.h"
+#include "test_data.h"
+#include "val_crypto.h"
+
+client_test_t test_c009_crypto_list[] = {
+ NULL,
+ psa_set_key_lifetime_test,
+ psa_set_key_lifetime_negative_test,
+ NULL,
+};
+
+int g_test_count;
+
+int32_t psa_set_key_lifetime_test(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ uint8_t *key_data, data[BUFFER_SIZE];
+ psa_key_policy_t policy;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ uint32_t i, j, length;
+ boot_state_t boot_state;
+
+ g_test_count = 1;
+
+ /* Initialize the PSA crypto library*/
+ if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_INIT_FAILED;
+ }
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ status = val->get_boot_flag(&boot_state);
+ if (status != VAL_STATUS_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tGet boot flag failed\n", 0);
+ return status;
+ }
+
+ if (boot_state == BOOT_NOT_EXPECTED)
+ {
+ /* Set the key data buffer to the input base on algorithm */
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+ if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
+ {
+ if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keypair;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keypair;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ else
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keydata;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keydata;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ }
+ else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
+ {
+ if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
+ key_data = ec_keypair;
+ else
+ key_data = ec_keydata;
+ }
+ else
+ key_data = check1[i].key_data;
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_slot, &policy);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA set key policy failed\n", 0);
+ return status;
+ }
+
+ /* Change the lifetime of a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_LIFETIME, check1[i].key_slot,
+ check1[i].lifetime);
+ if (status != check1[i].expected_status)
+ {
+ val->print(PRINT_ERROR, "\tPSA set key lifetime failed\n", 0);
+ return status;
+ }
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_slot,
+ check1[i].key_type, key_data, check1[i].key_length);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA import key failed\n", 0);
+ return status;
+ }
+
+ }
+
+ status = val->set_boot_flag(BOOT_EXPECTED_CRYPTO);
+ if (status != VAL_STATUS_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tSet boot flag failed\n", 0);
+ return status;
+ }
+
+ /*Waiting here for watchdog expiry */
+ while (1);
+ }
+ else if (boot_state == BOOT_EXPECTED_CRYPTO)
+ {
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+ if (check1[i].lifetime == PSA_KEY_LIFETIME_VOLATILE)
+ continue;
+
+ /* Set the key data buffer to the input base on algorithm */
+ if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
+ {
+ if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keypair;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keypair;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ else
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keydata;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keydata;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ }
+ else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
+ {
+ if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
+ key_data = ec_keypair;
+ else
+ key_data = ec_keydata;
+ }
+ else
+ key_data = check1[i].key_data;
+
+ /* Export a key in binary format */
+ status = val->crypto_function(VAL_CRYPTO_EXPORT_KEY, check1[i].key_slot, data,
+ BUFFER_SIZE, &length);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA export key failed\n", 0);
+ return status;
+ }
+
+ if (length != check1[i].expected_key_length)
+ {
+ val->print(PRINT_ERROR, "\tKey length mismatch\n", 0);
+ return VAL_STATUS_INVALID_SIZE;
+ }
+
+ /* Check if original key data matches with the exported data */
+ if (val->crypto_key_type_is_raw(check1[i].key_type))
+ {
+ for (j = 0; j < length; j++)
+ {
+ if (check1[i].key_data[j] != data[j])
+ {
+ val->print(PRINT_ERROR, "\tKey data mismatch\n", 0);
+ return VAL_STATUS_DATA_MISMATCH;
+ }
+ }
+ }
+ else if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
+ {
+ for (j = 0; j < length; j++)
+ {
+ if (key_data[j] != data[j])
+ {
+ val->print(PRINT_ERROR, "\tKey data mismatch\n", 0);
+ return VAL_STATUS_DATA_MISMATCH;
+ }
+ }
+ }
+ else
+ {
+ return VAL_STATUS_INVALID;
+ }
+ }
+ }
+ else
+ {
+ val->print(PRINT_ERROR, "\tInvalid boot state\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_set_key_lifetime_negative_test(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ int num_checks = sizeof(check2)/sizeof(check2[0]);
+ uint32_t i;
+ psa_key_policy_t policy;
+
+ /* Initialize the PSA crypto library*/
+ if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_INIT_FAILED;
+ }
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check2[i].test_desc, 0);
+
+ /* Change the lifetime of a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_LIFETIME, check2[i].key_slot,
+ check2[i].lifetime);
+ if (status != check2[i].expected_status)
+ {
+ val->print(PRINT_ERROR, "\tPSA set key lifetime failed\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/psa-ff/test_suites/crypto/test_c009/test_c009.h b/psa-ff/test_suites/crypto/test_c009/test_c009.h
new file mode 100644
index 0000000..e0a4c25
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c009/test_c009.h
@@ -0,0 +1,34 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C009_CLIENT_TESTS_H_
+#define _TEST_C009_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+#include "val_crypto.h"
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c009_crypto_list[];
+
+int32_t psa_set_key_lifetime_test(security_t caller);
+int32_t psa_set_key_lifetime_negative_test(security_t caller);
+#endif /* _TEST_C009_CLIENT_TESTS_H_ */
diff --git a/psa-ff/test_suites/crypto/test_c009/test_data.h b/psa-ff/test_suites/crypto/test_c009/test_data.h
new file mode 100644
index 0000000..6de98e4
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c009/test_data.h
@@ -0,0 +1,284 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[75];
+ psa_key_slot_t key_slot;
+ psa_key_type_t key_type;
+ uint8_t key_data[34];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ psa_key_lifetime_t lifetime;
+ uint32_t expected_bit_length;
+ uint32_t expected_key_length;
+ psa_status_t expected_status;
+} test_data;
+
+uint8_t rsa_384_keypair[1];
+uint8_t rsa_384_keydata[1];
+
+uint8_t rsa_256_keypair[] = {
+ 0x30, 0x82, 0x04, 0xA5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC0,
+ 0x95, 0x08, 0xE1, 0x57, 0x41, 0xF2, 0x71, 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27,
+ 0x01, 0x65, 0xC6, 0x45, 0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, 0x2F,
+ 0x4E, 0xD6, 0xF6, 0x1C, 0x88, 0xBC, 0x7C, 0x9F, 0xFB, 0xA8, 0x67, 0x7F, 0xFE,
+ 0x5C, 0x9C, 0x51, 0x75, 0xF7, 0x8A, 0xCA, 0x07, 0xE7, 0x35, 0x2F, 0x8F, 0xE1,
+ 0xBD, 0x7B, 0xC0, 0x2F, 0x7C, 0xAB, 0x64, 0xA8, 0x17, 0xFC, 0xCA, 0x5D, 0x7B,
+ 0xBA, 0xE0, 0x21, 0xE5, 0x72, 0x2E, 0x6F, 0x2E, 0x86, 0xD8, 0x95, 0x73, 0xDA,
+ 0xAC, 0x1B, 0x53, 0xB9, 0x5F, 0x3F, 0xD7, 0x19, 0x0D, 0x25, 0x4F, 0xE1, 0x63,
+ 0x63, 0x51, 0x8B, 0x0B, 0x64, 0x3F, 0xAD, 0x43, 0xB8, 0xA5, 0x1C, 0x5C, 0x34,
+ 0xB3, 0xAE, 0x00, 0xA0, 0x63, 0xC5, 0xF6, 0x7F, 0x0B, 0x59, 0x68, 0x78, 0x73,
+ 0xA6, 0x8C, 0x18, 0xA9, 0x02, 0x6D, 0xAF, 0xC3, 0x19, 0x01, 0x2E, 0xB8, 0x10,
+ 0xE3, 0xC6, 0xCC, 0x40, 0xB4, 0x69, 0xA3, 0x46, 0x33, 0x69, 0x87, 0x6E, 0xC4,
+ 0xBB, 0x17, 0xA6, 0xF3, 0xE8, 0xDD, 0xAD, 0x73, 0xBC, 0x7B, 0x2F, 0x21, 0xB5,
+ 0xFD, 0x66, 0x51, 0x0C, 0xBD, 0x54, 0xB3, 0xE1, 0x6D, 0x5F, 0x1C, 0xBC, 0x23,
+ 0x73, 0xD1, 0x09, 0x03, 0x89, 0x14, 0xD2, 0x10, 0xB9, 0x64, 0xC3, 0x2A, 0xD0,
+ 0xA1, 0x96, 0x4A, 0xBC, 0xE1, 0xD4, 0x1A, 0x5B, 0xC7, 0xA0, 0xC0, 0xC1, 0x63,
+ 0x78, 0x0F, 0x44, 0x37, 0x30, 0x32, 0x96, 0x80, 0x32, 0x23, 0x95, 0xA1, 0x77,
+ 0xBA, 0x13, 0xD2, 0x97, 0x73, 0xE2, 0x5D, 0x25, 0xC9, 0x6A, 0x0D, 0xC3, 0x39,
+ 0x60, 0xA4, 0xB4, 0xB0, 0x69, 0x42, 0x42, 0x09, 0xE9, 0xD8, 0x08, 0xBC, 0x33,
+ 0x20, 0xB3, 0x58, 0x22, 0xA7, 0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61, 0x83, 0xC5,
+ 0xD2, 0x96, 0xDF, 0xD9, 0xD0, 0x4F, 0xAD, 0xD7, 0x02, 0x03, 0x01, 0x00, 0x01,
+ 0x02, 0x82, 0x01, 0x01, 0x00, 0x9A, 0xD0, 0x34, 0x0F, 0x52, 0x62, 0x05, 0x50,
+ 0x01, 0xEF, 0x9F, 0xED, 0x64, 0x6E, 0xC2, 0xC4, 0xDA, 0x1A, 0xF2, 0x84, 0xD7,
+ 0x92, 0x10, 0x48, 0x92, 0xC4, 0xE9, 0x6A, 0xEB, 0x8B, 0x75, 0x6C, 0xC6, 0x79,
+ 0x38, 0xF2, 0xC9, 0x72, 0x4A, 0x86, 0x64, 0x54, 0x95, 0x77, 0xCB, 0xC3, 0x9A,
+ 0x9D, 0xB7, 0xD4, 0x1D, 0xA4, 0x00, 0xC8, 0x9E, 0x4E, 0xE4, 0xDD, 0xC7, 0xBA,
+ 0x67, 0x16, 0xC1, 0x74, 0xBC, 0xA9, 0xD6, 0x94, 0x8F, 0x2B, 0x30, 0x1A, 0xFB,
+ 0xED, 0xDF, 0x21, 0x05, 0x23, 0xD9, 0x4A, 0x39, 0xBD, 0x98, 0x6B, 0x65, 0x9A,
+ 0xB8, 0xDC, 0xC4, 0x7D, 0xEE, 0xA6, 0x43, 0x15, 0x2E, 0x3D, 0xBE, 0x1D, 0x22,
+ 0x60, 0x2A, 0x73, 0x30, 0xD5, 0x3E, 0xD8, 0xA2, 0xAC, 0x86, 0x43, 0x2E, 0xC4,
+ 0xF5, 0x64, 0x5E, 0x3F, 0x89, 0x75, 0x0F, 0x11, 0xD8, 0x51, 0x25, 0x4E, 0x9F,
+ 0xD8, 0xAA, 0xA3, 0xCE, 0x60, 0xB3, 0xE2, 0x8A, 0xD9, 0x7E, 0x1B, 0xF0, 0x64,
+ 0xCA, 0x9A, 0x5B, 0x05, 0x0B, 0x5B, 0xAA, 0xCB, 0xE5, 0xE3, 0x3F, 0x6E, 0x32,
+ 0x22, 0x05, 0xF3, 0xD0, 0xFA, 0xEF, 0x74, 0x52, 0x81, 0xE2, 0x5F, 0x74, 0xD3,
+ 0xBD, 0xFF, 0x31, 0x83, 0x45, 0x75, 0xFA, 0x63, 0x7A, 0x97, 0x2E, 0xD6, 0xB6,
+ 0x19, 0xC6, 0x92, 0x26, 0xE4, 0x28, 0x06, 0x50, 0x50, 0x0E, 0x78, 0x2E, 0xA9,
+ 0x78, 0x0D, 0x14, 0x97, 0xB4, 0x12, 0xD8, 0x31, 0x40, 0xAB, 0xA1, 0x01, 0x41,
+ 0xC2, 0x30, 0xF8, 0x07, 0x5F, 0x16, 0xE4, 0x61, 0x77, 0xD2, 0x60, 0xF2, 0x9F,
+ 0x8D, 0xE8, 0xF4, 0xBA, 0xEB, 0x63, 0xDE, 0x2A, 0x97, 0x81, 0xEF, 0x4C, 0x6C,
+ 0xE6, 0x55, 0x34, 0x51, 0x2B, 0x28, 0x34, 0xF4, 0x53, 0x1C, 0xC4, 0x58, 0x0A,
+ 0x3F, 0xBB, 0xAF, 0xB5, 0xF7, 0x4A, 0x85, 0x43, 0x2D, 0x3C, 0xF1, 0x58, 0x58,
+ 0x81, 0x02, 0x81, 0x81, 0x00, 0xF2, 0x2C, 0x54, 0x76, 0x39, 0x23, 0x63, 0xC9,
+ 0x10, 0x32, 0xB7, 0x93, 0xAD, 0xAF, 0xBE, 0x19, 0x75, 0x96, 0x81, 0x64, 0xE6,
+ 0xB5, 0xB8, 0x89, 0x42, 0x41, 0xD1, 0x6D, 0xD0, 0x1C, 0x1B, 0xF8, 0x1B, 0xAC,
+ 0x69, 0xCB, 0x36, 0x3C, 0x64, 0x7D, 0xDC, 0xF4, 0x19, 0xB8, 0xC3, 0x60, 0xB1,
+ 0x57, 0x48, 0x5F, 0x52, 0x4F, 0x59, 0x3A, 0x55, 0x7F, 0x32, 0xC0, 0x19, 0x43,
+ 0x50, 0x3F, 0xAE, 0xCE, 0x6F, 0x17, 0xF3, 0x0E, 0x9F, 0x40, 0xCA, 0x4E, 0xAD,
+ 0x15, 0x3B, 0xC9, 0x79, 0xE9, 0xC0, 0x59, 0x38, 0x73, 0x70, 0x9C, 0x0A, 0x7C,
+ 0xC9, 0x3A, 0x48, 0x32, 0xA7, 0xD8, 0x49, 0x75, 0x0A, 0x85, 0xC2, 0xC2, 0xFD,
+ 0x15, 0x73, 0xDA, 0x99, 0x09, 0x2A, 0x69, 0x9A, 0x9F, 0x0A, 0x71, 0xBF, 0xB0,
+ 0x04, 0xA6, 0x8C, 0x7A, 0x5A, 0x6F, 0x48, 0x5A, 0x54, 0x3B, 0xC6, 0xB1, 0x53,
+ 0x17, 0xDF, 0xE7, 0x02, 0x81, 0x81, 0x00, 0xCB, 0x93, 0xDE, 0x77, 0x15, 0x5D,
+ 0xB7, 0x5C, 0x5C, 0x7C, 0xD8, 0x90, 0xA9, 0x98, 0x2D, 0xD6, 0x69, 0x0E, 0x63,
+ 0xB3, 0xA3, 0xDC, 0xA6, 0xCC, 0x8B, 0x6A, 0xA4, 0xA2, 0x12, 0x8C, 0x8E, 0x7B,
+ 0x48, 0x2C, 0xB2, 0x4B, 0x37, 0xDC, 0x06, 0x18, 0x7D, 0xEA, 0xFE, 0x76, 0xA1,
+ 0xD4, 0xA1, 0xE9, 0x3F, 0x0D, 0xCD, 0x1B, 0x5F, 0xAF, 0x5F, 0x9E, 0x96, 0x5B,
+ 0x5B, 0x0F, 0xA1, 0x7C, 0xAF, 0xB3, 0x9B, 0x90, 0xDB, 0x57, 0x73, 0x3A, 0xED,
+ 0xB0, 0x23, 0x44, 0xAE, 0x41, 0x4F, 0x1F, 0x07, 0x42, 0x13, 0x23, 0x4C, 0xCB,
+ 0xFA, 0xF4, 0x14, 0xA4, 0xD5, 0xF7, 0x9E, 0x36, 0x7C, 0x5B, 0x9F, 0xA8, 0x3C,
+ 0xC1, 0x85, 0x5F, 0x74, 0xD2, 0x39, 0x2D, 0xFF, 0xD0, 0x84, 0xDF, 0xFB, 0xB3,
+ 0x20, 0x7A, 0x2E, 0x9B, 0x17, 0xAE, 0xE6, 0xBA, 0x0B, 0xAE, 0x5F, 0x53, 0xA4,
+ 0x52, 0xED, 0x1B, 0xC4, 0x91, 0x02, 0x81, 0x81, 0x00, 0xEC, 0x98, 0xDA, 0xBB,
+ 0xD5, 0xFE, 0xF9, 0x52, 0x4A, 0x7D, 0x02, 0x55, 0x49, 0x6F, 0x55, 0x6E, 0x52,
+ 0x2F, 0x84, 0xA3, 0x2B, 0xB3, 0x86, 0x62, 0xB3, 0x54, 0xD2, 0x63, 0x52, 0xDA,
+ 0xE3, 0x88, 0x76, 0xA0, 0xEF, 0x8B, 0x15, 0xA5, 0xD3, 0x18, 0x14, 0x72, 0x77,
+ 0x5E, 0xC7, 0xA3, 0x04, 0x1F, 0x9E, 0x19, 0x62, 0xB5, 0x1B, 0x1B, 0x9E, 0xC3,
+ 0xF2, 0xB5, 0x32, 0xF9, 0x4C, 0xC1, 0xAA, 0xEB, 0x0C, 0x26, 0x7D, 0xD4, 0x5F,
+ 0x4A, 0x51, 0x5C, 0xA4, 0x45, 0x06, 0x70, 0x44, 0xA7, 0x56, 0xC0, 0xD4, 0x22,
+ 0x14, 0x76, 0x9E, 0xD8, 0x63, 0x50, 0x89, 0x90, 0xD3, 0xE2, 0xBF, 0x81, 0x95,
+ 0x92, 0x31, 0x41, 0x87, 0x39, 0x1A, 0x43, 0x0B, 0x18, 0xA5, 0x53, 0x1F, 0x39,
+ 0x1A, 0x5F, 0x1F, 0x43, 0xBC, 0x87, 0x6A, 0xDF, 0x6E, 0xD3, 0x22, 0x00, 0xFE,
+ 0x22, 0x98, 0x70, 0x4E, 0x1A, 0x19, 0x29, 0x02, 0x81, 0x81, 0x00, 0x8A, 0x41,
+ 0x56, 0x28, 0x51, 0x9E, 0x5F, 0xD4, 0x9E, 0x0B, 0x3B, 0x98, 0xA3, 0x54, 0xF2,
+ 0x6C, 0x56, 0xD4, 0xAA, 0xE9, 0x69, 0x33, 0x85, 0x24, 0x0C, 0xDA, 0xD4, 0x0C,
+ 0x2D, 0xC4, 0xBF, 0x4F, 0x02, 0x69, 0x38, 0x7C, 0xD4, 0xE6, 0xDC, 0x4C, 0xED,
+ 0xD7, 0x16, 0x11, 0xC3, 0x3E, 0x00, 0xE7, 0xC3, 0x26, 0xC0, 0x51, 0x02, 0xDE,
+ 0xBB, 0x75, 0x9C, 0x6F, 0x56, 0x9C, 0x7A, 0xF3, 0x8E, 0xEF, 0xCF, 0x8A, 0xC5,
+ 0x2B, 0xD2, 0xDA, 0x06, 0x6A, 0x44, 0xC9, 0x73, 0xFE, 0x6E, 0x99, 0x87, 0xF8,
+ 0x5B, 0xBE, 0xF1, 0x7C, 0xE6, 0x65, 0xB5, 0x4F, 0x6C, 0xF0, 0xC9, 0xC5, 0xFF,
+ 0x16, 0xCA, 0x8B, 0x1B, 0x17, 0xE2, 0x58, 0x3D, 0xA2, 0x37, 0xAB, 0x01, 0xBC,
+ 0xBF, 0x40, 0xCE, 0x53, 0x8C, 0x8E, 0xED, 0xEF, 0xEE, 0x59, 0x9D, 0xE0, 0x63,
+ 0xE6, 0x7C, 0x5E, 0xF5, 0x8E, 0x4B, 0xF1, 0x3B, 0xC1, 0x02, 0x81, 0x80, 0x4D,
+ 0x45, 0xF9, 0x40, 0x8C, 0xC5, 0x5B, 0xF4, 0x2A, 0x1A, 0x8A, 0xB4, 0xF2, 0x1C,
+ 0xAC, 0x6B, 0xE9, 0x0C, 0x56, 0x36, 0xB7, 0x4E, 0x72, 0x96, 0xD5, 0xE5, 0x8A,
+ 0xD2, 0xE2, 0xFF, 0xF1, 0xF1, 0x18, 0x13, 0x3D, 0x86, 0x09, 0xB8, 0xD8, 0x76,
+ 0xA7, 0xC9, 0x1C, 0x71, 0x52, 0x94, 0x30, 0x43, 0xE0, 0xF1, 0x78, 0x74, 0xFD,
+ 0x61, 0x1B, 0x4C, 0x09, 0xCC, 0xE6, 0x68, 0x2A, 0x71, 0xAD, 0x1C, 0xDF, 0x43,
+ 0xBC, 0x56, 0xDB, 0xA5, 0xA4, 0xBE, 0x35, 0x70, 0xA4, 0x5E, 0xCF, 0x4F, 0xFC,
+ 0x00, 0x55, 0x99, 0x3A, 0x3D, 0x23, 0xCF, 0x67, 0x5A, 0xF5, 0x22, 0xF8, 0xB5,
+ 0x29, 0xD0, 0x44, 0x11, 0xEB, 0x35, 0x2E, 0x46, 0xBE, 0xFD, 0x8E, 0x18, 0xB2,
+ 0x5F, 0xA8, 0xBF, 0x19, 0x32, 0xA1, 0xF5, 0xDC, 0x03, 0xE6, 0x7C, 0x9A, 0x1F,
+ 0x0C, 0x7C, 0xA9, 0xB0, 0x0E, 0x21, 0x37, 0x3B, 0xF1, 0xB0};
+
+uint8_t rsa_256_keydata[] = {
+ 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
+ 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A,
+ 0x02, 0x82, 0x01, 0x01, 0x00, 0xDB, 0x1C, 0x7F, 0x2E, 0x0B, 0xCD, 0xBF, 0xCE, 0xD1,
+ 0x75, 0x10, 0xA0, 0xA2, 0xB8, 0xCE, 0x7D, 0xAA, 0xE2, 0x05, 0xE0, 0x7A, 0xD8, 0x44,
+ 0x63, 0x8F, 0xB5, 0xBD, 0xC0, 0xB0, 0x19, 0xB9, 0x37, 0xB8, 0x19, 0x4A, 0x0E, 0xF1,
+ 0x5D, 0x74, 0x80, 0x67, 0x46, 0x87, 0x06, 0xDE, 0x5B, 0x7F, 0x06, 0x03, 0xBD, 0xC1,
+ 0x8D, 0x5E, 0x07, 0x15, 0xD4, 0x5B, 0xF4, 0xDC, 0xE5, 0xCF, 0x3D, 0xF9, 0xC1, 0x11,
+ 0x2C, 0xAE, 0x6A, 0xB9, 0x8A, 0xBD, 0x1D, 0x67, 0x66, 0x17, 0xEA, 0x4E, 0xBD, 0xDB,
+ 0x15, 0x9A, 0x82, 0x87, 0xE4, 0xF0, 0x78, 0xC3, 0xA3, 0x85, 0x87, 0xB0, 0xFD, 0x9F,
+ 0xA9, 0x99, 0x5F, 0xE3, 0x33, 0xEC, 0xCC, 0xEA, 0x0B, 0xB5, 0x61, 0x5E, 0xF1, 0x49,
+ 0x7E, 0x3F, 0xA3, 0x2D, 0xEA, 0x01, 0x0C, 0xCC, 0x42, 0x9A, 0x76, 0x9B, 0xC4, 0xD0,
+ 0x37, 0xD3, 0xB1, 0x17, 0x01, 0x61, 0x01, 0x16, 0x59, 0x7E, 0x1C, 0x17, 0xC3, 0x53,
+ 0xFD, 0xD1, 0x72, 0xCB, 0x4C, 0x60, 0x15, 0xDA, 0x7D, 0xE2, 0xEA, 0xAD, 0x50, 0xEF,
+ 0x8E, 0xE2, 0x8B, 0xD4, 0x6A, 0x77, 0x55, 0xD6, 0x70, 0xD9, 0x6B, 0xBB, 0xF1, 0xEE,
+ 0x39, 0x04, 0x38, 0xA3, 0xBD, 0xE2, 0xD1, 0xE0, 0x66, 0x6B, 0xE2, 0x9C, 0x47, 0x99,
+ 0xE9, 0x28, 0xE6, 0xB6, 0xFC, 0x2E, 0xCA, 0x67, 0x43, 0x84, 0xE8, 0xD5, 0x83, 0xD6,
+ 0x9D, 0x98, 0x6B, 0x01, 0x3E, 0x81, 0xDC, 0x3C, 0x7A, 0xCA, 0xF9, 0xF3, 0x9C, 0xF7,
+ 0xD6, 0x28, 0x1B, 0x27, 0x78, 0x7C, 0xC3, 0xD0, 0xD5, 0x63, 0xA7, 0x81, 0x34, 0x89,
+ 0xAD, 0x25, 0x6A, 0xBD, 0xF2, 0xEA, 0xED, 0xFA, 0x57, 0xFC, 0xE5, 0x34, 0xC6, 0xC1,
+ 0x0F, 0x71, 0x2D, 0xD2, 0x08, 0x10, 0x1B, 0xAD, 0x44, 0x41, 0xE0, 0xFE, 0x79, 0xA0,
+ 0x63, 0x93, 0x8A, 0xB1, 0x5D, 0xE9, 0xB0, 0xEE, 0x6F, 0x02, 0x03, 0x01, 0x00, 0x01};
+
+uint8_t ec_keydata[] = {
+ 0x30, 0x49, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06,
+ 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x01, 0x03, 0x32, 0x00, 0x04, 0xBC,
+ 0x79, 0x7D, 0xB3, 0xAE, 0x7F, 0x08, 0xEC, 0x3D, 0x49, 0x6B, 0x4F, 0xB4, 0x11, 0xB3,
+ 0xF6, 0x20, 0xA5, 0x58, 0xA5, 0x01, 0xE0, 0x22, 0x2D, 0x08, 0xCF, 0xE0, 0xDC, 0x8A,
+ 0xEC, 0x8B, 0x1A, 0x7B, 0xF2, 0x4B, 0xE9, 0x29, 0x51, 0xCC, 0x5B, 0xA1, 0xBE, 0xBB,
+ 0x24, 0x74, 0x90, 0x9A, 0xE0};
+
+uint8_t ec_keypair[] = {
+ 0x30, 0x5F, 0x02, 0x01, 0x01, 0x04, 0x18, 0x33, 0x8E, 0x86, 0xA8, 0x81, 0xE2, 0x38,
+ 0xF5, 0x49, 0xBD, 0x6F, 0x05, 0x53, 0x49, 0x4B, 0x73, 0xE3, 0xD6, 0x11, 0x30, 0xFD,
+ 0xC6, 0xC9, 0x6D, 0xA0, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01,
+ 0x01, 0xA1, 0x34, 0x03, 0x32, 0x00, 0x04, 0x51, 0x75, 0xBC, 0xDF, 0x30, 0xA3, 0x70,
+ 0xF3, 0x9D, 0x53, 0x93, 0xE6, 0x12, 0x72, 0x88, 0xD8, 0x01, 0x67, 0xB5, 0xF4, 0xB4,
+ 0xB7, 0x76, 0xC6, 0x74, 0xF7, 0xC6, 0xF3, 0x54, 0xB7, 0xD2, 0x24, 0x06, 0x2C, 0x1F,
+ 0x68, 0x54, 0xB5, 0xA7, 0xAF, 0x0F, 0xE5, 0x78, 0xEA, 0xF2, 0x58, 0xF0, 0x27};
+
+
+test_data check1[] = {
+{"Test psa_set_key_lifetime 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ PSA_KEY_LIFETIME_VOLATILE, BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
+},
+
+#ifdef NO_SUPPORT
+/* PSA crypto doesn't support these test scenarios */
+{"Test psa_set_key_lifetime 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
+{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
+ 0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9},
+ AES_24B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ PSA_KEY_LIFETIME_PERSISTENT, BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_set_key_lifetime 32 Byte AES\n", 3, PSA_KEY_TYPE_AES,
+{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
+ 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
+ 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
+ AES_32B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ PSA_KEY_LIFETIME_WRITE_ONCE, BYTES_TO_BITS(AES_32B_KEY_SIZE), AES_32B_KEY_SIZE, PSA_SUCCESS
+},
+#endif
+
+{"Test psa_set_key_lifetime 2048 RSA public key\n", 4, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+ {0},
+ 294, PSA_KEY_USAGE_SIGN, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ PSA_KEY_LIFETIME_VOLATILE, 2048, 294, PSA_SUCCESS
+},
+
+#ifdef NO_SUPPORT
+/* PSA crypto doesn't support these test scenarios */
+{"Test psa_set_key_lifetime with RSA 2048 keypair\n", 5, PSA_KEY_TYPE_RSA_KEYPAIR,
+ {0},
+ 1193, PSA_KEY_USAGE_VERIFY, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ PSA_KEY_LIFETIME_PERSISTENT, 2048, 1193, PSA_SUCCESS
+},
+
+{"Test psa_set_key_lifetime with DES 64 bit key\n", 6, PSA_KEY_TYPE_DES,
+ {0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
+ DES_8B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ PSA_KEY_LIFETIME_WRITE_ONCE, BYTES_TO_BITS(DES_8B_KEY_SIZE), DES_8B_KEY_SIZE, PSA_SUCCESS
+},
+#endif
+
+{"Test psa_set_key_lifetime with Triple DES 2-Key\n", 7, PSA_KEY_TYPE_DES,
+{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+ DES3_2KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ PSA_KEY_LIFETIME_VOLATILE, BYTES_TO_BITS(DES3_2KEY_SIZE), DES3_2KEY_SIZE, PSA_SUCCESS
+},
+
+#ifdef NO_SUPPORT
+/* PSA crypto doesn't support these test scenarios */
+{"Test psa_set_key_lifetime with Triple DES 3-Key\n", 8, PSA_KEY_TYPE_DES,
+{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
+ 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
+ DES3_3KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ PSA_KEY_LIFETIME_PERSISTENT, BYTES_TO_BITS(DES3_3KEY_SIZE), DES3_3KEY_SIZE, PSA_SUCCESS
+},
+#endif
+
+{"Test psa_set_key_lifetime with EC Public key\n", 9,
+ PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | PSA_ECC_CURVE_SECP192R1,
+ {0},
+ 75, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ PSA_KEY_LIFETIME_VOLATILE, 192, 75, PSA_SUCCESS
+},
+
+{"Test psa_set_key_lifetime with EC keypair\n", 10,
+ PSA_KEY_TYPE_ECC_KEYPAIR_BASE | PSA_ECC_CURVE_SECP192R1,
+ {0},
+ 97, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ PSA_KEY_LIFETIME_VOLATILE, 192, 97, PSA_SUCCESS
+},
+};
+
+
+test_data check2[] = {
+{"Test psa_set_key_lifetime with invalid key slot\n", INVALID_KEY_SLOT, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE, PSA_KEY_LIFETIME_VOLATILE,
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_set_key_lifetime with zero key slot\n", ZERO_KEY_SLOT, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE, PSA_KEY_LIFETIME_VOLATILE,
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_set_key_lifetime with invalid lifetime\n", 11, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE, PSA_KEY_LIFETIME_INVALID,
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+},
+
+#ifdef NO_SUPPORT
+{"Test psa_set_key_lifetime with occupied slot\n", 11, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE, PSA_KEY_LIFETIME_VOLATILE,
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_OCCUPIED_SLOT
+},
+#endif
+
+};
diff --git a/psa-ff/test_suites/crypto/test_c009/test_entry.c b/psa-ff/test_suites/crypto/test_c009/test_entry.c
new file mode 100644
index 0000000..d7037fe
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c009/test_entry.c
@@ -0,0 +1,69 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c009.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 9)
+#define TEST_DESC "Testing crypto key management APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t i, status = VAL_STATUS_SUCCESS;
+ bool_t destroy_status = TRUE;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c009_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->print(PRINT_DEBUG, "\tPSA destroy all the key slot\n", 0);
+ for (i = 1; i <= MAX_KEY_SLOT; i++)
+ {
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, i);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA destroy key failed for slot number: %d\n", i);
+ destroy_status = FALSE;
+ }
+ }
+
+ if (destroy_status)
+ {
+ val->print(PRINT_DEBUG, "\tPSA all the key slot successfully destroyed\n", 0);
+ }
+
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/crypto/test_c010/source.mk b/psa-ff/test_suites/crypto/test_c010/source.mk
new file mode 100644
index 0000000..da0bb91
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c010/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c010.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/crypto/test_c010/test_c010.c b/psa-ff/test_suites/crypto/test_c010/test_c010.c
new file mode 100644
index 0000000..083d5a9
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c010/test_c010.c
@@ -0,0 +1,182 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_c010.h"
+#include "test_data.h"
+#include "val_crypto.h"
+
+client_test_t test_c010_crypto_list[] = {
+ NULL,
+ psa_get_key_lifetime_test,
+ psa_get_key_lifetime_negative_test,
+ NULL,
+};
+
+int g_test_count;
+
+int32_t psa_get_key_lifetime_test(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ uint8_t *key_data;
+ psa_key_policy_t policy;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ uint32_t i;
+ psa_key_lifetime_t lifetime;
+
+ g_test_count = 1;
+
+ /* Initialize the PSA crypto library*/
+ if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_INIT_FAILED;
+ }
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ /* Set the key data buffer to the input base on algorithm */
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+ if (PSA_KEY_TYPE_IS_RSA(check1[i].key_type))
+ {
+ if (check1[i].key_type == PSA_KEY_TYPE_RSA_KEYPAIR)
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keypair;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keypair;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ else
+ {
+ if (check1[i].expected_bit_length == BYTES_TO_BITS(384))
+ key_data = rsa_384_keydata;
+ else if (check1[i].expected_bit_length == BYTES_TO_BITS(256))
+ key_data = rsa_256_keydata;
+ else
+ return VAL_STATUS_INVALID;
+ }
+ }
+ else if (PSA_KEY_TYPE_IS_ECC(check1[i].key_type))
+ {
+ if (PSA_KEY_TYPE_IS_ECC_KEYPAIR(check1[i].key_type))
+ key_data = ec_keypair;
+ else
+ key_data = ec_keydata;
+ }
+ else
+ key_data = check1[i].key_data;
+
+ /* Set the standard fields of a policy structure */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_SET_USAGE, &policy, check1[i].usage,
+ check1[i].key_alg);
+
+ /* Set the usage policy on a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_POLICY, check1[i].key_slot, &policy);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA set key policy failed\n", 0);
+ return status;
+ }
+
+ /* Change the lifetime of a key slot */
+ status = val->crypto_function(VAL_CRYPTO_SET_KEY_LIFETIME, check1[i].key_slot,
+ check1[i].lifetime);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA set key lifetime failed\n", 0);
+ return status;
+ }
+
+ /* Import the key data into the key slot */
+ status = val->crypto_function(VAL_CRYPTO_IMPORT_KEY, check1[i].key_slot,
+ check1[i].key_type, key_data, check1[i].key_length);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA import key failed\n", 0);
+ return status;
+ }
+
+ /* Get the lifetime of a key slot */
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_LIFETIME, check1[i].key_slot,
+ &lifetime);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA get key lifetime failed\n", 0);
+ return status;
+ }
+
+ if (lifetime != check1[i].lifetime)
+ {
+ val->print(PRINT_ERROR, "\tKey lifetime mismatch\n", 0);
+ return VAL_STATUS_DATA_MISMATCH;
+ }
+
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_get_key_lifetime_negative_test(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ int num_checks = sizeof(check2)/sizeof(check2[0]);
+ uint32_t i;
+ psa_key_lifetime_t lifetime;
+ psa_key_policy_t policy;
+
+ /* Initialize the PSA crypto library*/
+ if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_INIT_FAILED;
+ }
+
+ /* Initialize a key policy structure to a default that forbids all
+ * usage of the key
+ */
+ val->crypto_function(VAL_CRYPTO_KEY_POLICY_INIT, &policy);
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check2[i].test_desc, 0);
+
+ /* Get the lifetime of a key slot */
+ status = val->crypto_function(VAL_CRYPTO_GET_KEY_LIFETIME, check2[i].key_slot,
+ &lifetime);
+ if (status != check2[i].expected_status)
+ {
+ val->print(PRINT_ERROR, "\tPSA get key lifetime failed\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/psa-ff/test_suites/crypto/test_c010/test_c010.h b/psa-ff/test_suites/crypto/test_c010/test_c010.h
new file mode 100644
index 0000000..df1e4f7
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c010/test_c010.h
@@ -0,0 +1,34 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C010_CLIENT_TESTS_H_
+#define _TEST_C010_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+#include "val_crypto.h"
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c010_crypto_list[];
+
+int32_t psa_get_key_lifetime_test(security_t caller);
+int32_t psa_get_key_lifetime_negative_test(security_t caller);
+#endif /* _TEST_C010_CLIENT_TESTS_H_ */
diff --git a/psa-ff/test_suites/crypto/test_c010/test_data.h b/psa-ff/test_suites/crypto/test_c010/test_data.h
new file mode 100644
index 0000000..42d3a00
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c010/test_data.h
@@ -0,0 +1,279 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+#define EMPTY_KEY_SLOT 31
+
+typedef struct {
+ char test_desc[75];
+ psa_key_slot_t key_slot;
+ psa_key_type_t key_type;
+ uint8_t key_data[34];
+ uint32_t key_length;
+ psa_key_usage_t usage;
+ psa_algorithm_t key_alg;
+ psa_key_lifetime_t lifetime;
+ uint32_t expected_bit_length;
+ uint32_t expected_key_length;
+ psa_status_t expected_status;
+} test_data;
+
+uint8_t rsa_384_keypair[1];
+uint8_t rsa_384_keydata[1];
+
+uint8_t rsa_256_keypair[] = {
+ 0x30, 0x82, 0x04, 0xA5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC0,
+ 0x95, 0x08, 0xE1, 0x57, 0x41, 0xF2, 0x71, 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27,
+ 0x01, 0x65, 0xC6, 0x45, 0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, 0x2F,
+ 0x4E, 0xD6, 0xF6, 0x1C, 0x88, 0xBC, 0x7C, 0x9F, 0xFB, 0xA8, 0x67, 0x7F, 0xFE,
+ 0x5C, 0x9C, 0x51, 0x75, 0xF7, 0x8A, 0xCA, 0x07, 0xE7, 0x35, 0x2F, 0x8F, 0xE1,
+ 0xBD, 0x7B, 0xC0, 0x2F, 0x7C, 0xAB, 0x64, 0xA8, 0x17, 0xFC, 0xCA, 0x5D, 0x7B,
+ 0xBA, 0xE0, 0x21, 0xE5, 0x72, 0x2E, 0x6F, 0x2E, 0x86, 0xD8, 0x95, 0x73, 0xDA,
+ 0xAC, 0x1B, 0x53, 0xB9, 0x5F, 0x3F, 0xD7, 0x19, 0x0D, 0x25, 0x4F, 0xE1, 0x63,
+ 0x63, 0x51, 0x8B, 0x0B, 0x64, 0x3F, 0xAD, 0x43, 0xB8, 0xA5, 0x1C, 0x5C, 0x34,
+ 0xB3, 0xAE, 0x00, 0xA0, 0x63, 0xC5, 0xF6, 0x7F, 0x0B, 0x59, 0x68, 0x78, 0x73,
+ 0xA6, 0x8C, 0x18, 0xA9, 0x02, 0x6D, 0xAF, 0xC3, 0x19, 0x01, 0x2E, 0xB8, 0x10,
+ 0xE3, 0xC6, 0xCC, 0x40, 0xB4, 0x69, 0xA3, 0x46, 0x33, 0x69, 0x87, 0x6E, 0xC4,
+ 0xBB, 0x17, 0xA6, 0xF3, 0xE8, 0xDD, 0xAD, 0x73, 0xBC, 0x7B, 0x2F, 0x21, 0xB5,
+ 0xFD, 0x66, 0x51, 0x0C, 0xBD, 0x54, 0xB3, 0xE1, 0x6D, 0x5F, 0x1C, 0xBC, 0x23,
+ 0x73, 0xD1, 0x09, 0x03, 0x89, 0x14, 0xD2, 0x10, 0xB9, 0x64, 0xC3, 0x2A, 0xD0,
+ 0xA1, 0x96, 0x4A, 0xBC, 0xE1, 0xD4, 0x1A, 0x5B, 0xC7, 0xA0, 0xC0, 0xC1, 0x63,
+ 0x78, 0x0F, 0x44, 0x37, 0x30, 0x32, 0x96, 0x80, 0x32, 0x23, 0x95, 0xA1, 0x77,
+ 0xBA, 0x13, 0xD2, 0x97, 0x73, 0xE2, 0x5D, 0x25, 0xC9, 0x6A, 0x0D, 0xC3, 0x39,
+ 0x60, 0xA4, 0xB4, 0xB0, 0x69, 0x42, 0x42, 0x09, 0xE9, 0xD8, 0x08, 0xBC, 0x33,
+ 0x20, 0xB3, 0x58, 0x22, 0xA7, 0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61, 0x83, 0xC5,
+ 0xD2, 0x96, 0xDF, 0xD9, 0xD0, 0x4F, 0xAD, 0xD7, 0x02, 0x03, 0x01, 0x00, 0x01,
+ 0x02, 0x82, 0x01, 0x01, 0x00, 0x9A, 0xD0, 0x34, 0x0F, 0x52, 0x62, 0x05, 0x50,
+ 0x01, 0xEF, 0x9F, 0xED, 0x64, 0x6E, 0xC2, 0xC4, 0xDA, 0x1A, 0xF2, 0x84, 0xD7,
+ 0x92, 0x10, 0x48, 0x92, 0xC4, 0xE9, 0x6A, 0xEB, 0x8B, 0x75, 0x6C, 0xC6, 0x79,
+ 0x38, 0xF2, 0xC9, 0x72, 0x4A, 0x86, 0x64, 0x54, 0x95, 0x77, 0xCB, 0xC3, 0x9A,
+ 0x9D, 0xB7, 0xD4, 0x1D, 0xA4, 0x00, 0xC8, 0x9E, 0x4E, 0xE4, 0xDD, 0xC7, 0xBA,
+ 0x67, 0x16, 0xC1, 0x74, 0xBC, 0xA9, 0xD6, 0x94, 0x8F, 0x2B, 0x30, 0x1A, 0xFB,
+ 0xED, 0xDF, 0x21, 0x05, 0x23, 0xD9, 0x4A, 0x39, 0xBD, 0x98, 0x6B, 0x65, 0x9A,
+ 0xB8, 0xDC, 0xC4, 0x7D, 0xEE, 0xA6, 0x43, 0x15, 0x2E, 0x3D, 0xBE, 0x1D, 0x22,
+ 0x60, 0x2A, 0x73, 0x30, 0xD5, 0x3E, 0xD8, 0xA2, 0xAC, 0x86, 0x43, 0x2E, 0xC4,
+ 0xF5, 0x64, 0x5E, 0x3F, 0x89, 0x75, 0x0F, 0x11, 0xD8, 0x51, 0x25, 0x4E, 0x9F,
+ 0xD8, 0xAA, 0xA3, 0xCE, 0x60, 0xB3, 0xE2, 0x8A, 0xD9, 0x7E, 0x1B, 0xF0, 0x64,
+ 0xCA, 0x9A, 0x5B, 0x05, 0x0B, 0x5B, 0xAA, 0xCB, 0xE5, 0xE3, 0x3F, 0x6E, 0x32,
+ 0x22, 0x05, 0xF3, 0xD0, 0xFA, 0xEF, 0x74, 0x52, 0x81, 0xE2, 0x5F, 0x74, 0xD3,
+ 0xBD, 0xFF, 0x31, 0x83, 0x45, 0x75, 0xFA, 0x63, 0x7A, 0x97, 0x2E, 0xD6, 0xB6,
+ 0x19, 0xC6, 0x92, 0x26, 0xE4, 0x28, 0x06, 0x50, 0x50, 0x0E, 0x78, 0x2E, 0xA9,
+ 0x78, 0x0D, 0x14, 0x97, 0xB4, 0x12, 0xD8, 0x31, 0x40, 0xAB, 0xA1, 0x01, 0x41,
+ 0xC2, 0x30, 0xF8, 0x07, 0x5F, 0x16, 0xE4, 0x61, 0x77, 0xD2, 0x60, 0xF2, 0x9F,
+ 0x8D, 0xE8, 0xF4, 0xBA, 0xEB, 0x63, 0xDE, 0x2A, 0x97, 0x81, 0xEF, 0x4C, 0x6C,
+ 0xE6, 0x55, 0x34, 0x51, 0x2B, 0x28, 0x34, 0xF4, 0x53, 0x1C, 0xC4, 0x58, 0x0A,
+ 0x3F, 0xBB, 0xAF, 0xB5, 0xF7, 0x4A, 0x85, 0x43, 0x2D, 0x3C, 0xF1, 0x58, 0x58,
+ 0x81, 0x02, 0x81, 0x81, 0x00, 0xF2, 0x2C, 0x54, 0x76, 0x39, 0x23, 0x63, 0xC9,
+ 0x10, 0x32, 0xB7, 0x93, 0xAD, 0xAF, 0xBE, 0x19, 0x75, 0x96, 0x81, 0x64, 0xE6,
+ 0xB5, 0xB8, 0x89, 0x42, 0x41, 0xD1, 0x6D, 0xD0, 0x1C, 0x1B, 0xF8, 0x1B, 0xAC,
+ 0x69, 0xCB, 0x36, 0x3C, 0x64, 0x7D, 0xDC, 0xF4, 0x19, 0xB8, 0xC3, 0x60, 0xB1,
+ 0x57, 0x48, 0x5F, 0x52, 0x4F, 0x59, 0x3A, 0x55, 0x7F, 0x32, 0xC0, 0x19, 0x43,
+ 0x50, 0x3F, 0xAE, 0xCE, 0x6F, 0x17, 0xF3, 0x0E, 0x9F, 0x40, 0xCA, 0x4E, 0xAD,
+ 0x15, 0x3B, 0xC9, 0x79, 0xE9, 0xC0, 0x59, 0x38, 0x73, 0x70, 0x9C, 0x0A, 0x7C,
+ 0xC9, 0x3A, 0x48, 0x32, 0xA7, 0xD8, 0x49, 0x75, 0x0A, 0x85, 0xC2, 0xC2, 0xFD,
+ 0x15, 0x73, 0xDA, 0x99, 0x09, 0x2A, 0x69, 0x9A, 0x9F, 0x0A, 0x71, 0xBF, 0xB0,
+ 0x04, 0xA6, 0x8C, 0x7A, 0x5A, 0x6F, 0x48, 0x5A, 0x54, 0x3B, 0xC6, 0xB1, 0x53,
+ 0x17, 0xDF, 0xE7, 0x02, 0x81, 0x81, 0x00, 0xCB, 0x93, 0xDE, 0x77, 0x15, 0x5D,
+ 0xB7, 0x5C, 0x5C, 0x7C, 0xD8, 0x90, 0xA9, 0x98, 0x2D, 0xD6, 0x69, 0x0E, 0x63,
+ 0xB3, 0xA3, 0xDC, 0xA6, 0xCC, 0x8B, 0x6A, 0xA4, 0xA2, 0x12, 0x8C, 0x8E, 0x7B,
+ 0x48, 0x2C, 0xB2, 0x4B, 0x37, 0xDC, 0x06, 0x18, 0x7D, 0xEA, 0xFE, 0x76, 0xA1,
+ 0xD4, 0xA1, 0xE9, 0x3F, 0x0D, 0xCD, 0x1B, 0x5F, 0xAF, 0x5F, 0x9E, 0x96, 0x5B,
+ 0x5B, 0x0F, 0xA1, 0x7C, 0xAF, 0xB3, 0x9B, 0x90, 0xDB, 0x57, 0x73, 0x3A, 0xED,
+ 0xB0, 0x23, 0x44, 0xAE, 0x41, 0x4F, 0x1F, 0x07, 0x42, 0x13, 0x23, 0x4C, 0xCB,
+ 0xFA, 0xF4, 0x14, 0xA4, 0xD5, 0xF7, 0x9E, 0x36, 0x7C, 0x5B, 0x9F, 0xA8, 0x3C,
+ 0xC1, 0x85, 0x5F, 0x74, 0xD2, 0x39, 0x2D, 0xFF, 0xD0, 0x84, 0xDF, 0xFB, 0xB3,
+ 0x20, 0x7A, 0x2E, 0x9B, 0x17, 0xAE, 0xE6, 0xBA, 0x0B, 0xAE, 0x5F, 0x53, 0xA4,
+ 0x52, 0xED, 0x1B, 0xC4, 0x91, 0x02, 0x81, 0x81, 0x00, 0xEC, 0x98, 0xDA, 0xBB,
+ 0xD5, 0xFE, 0xF9, 0x52, 0x4A, 0x7D, 0x02, 0x55, 0x49, 0x6F, 0x55, 0x6E, 0x52,
+ 0x2F, 0x84, 0xA3, 0x2B, 0xB3, 0x86, 0x62, 0xB3, 0x54, 0xD2, 0x63, 0x52, 0xDA,
+ 0xE3, 0x88, 0x76, 0xA0, 0xEF, 0x8B, 0x15, 0xA5, 0xD3, 0x18, 0x14, 0x72, 0x77,
+ 0x5E, 0xC7, 0xA3, 0x04, 0x1F, 0x9E, 0x19, 0x62, 0xB5, 0x1B, 0x1B, 0x9E, 0xC3,
+ 0xF2, 0xB5, 0x32, 0xF9, 0x4C, 0xC1, 0xAA, 0xEB, 0x0C, 0x26, 0x7D, 0xD4, 0x5F,
+ 0x4A, 0x51, 0x5C, 0xA4, 0x45, 0x06, 0x70, 0x44, 0xA7, 0x56, 0xC0, 0xD4, 0x22,
+ 0x14, 0x76, 0x9E, 0xD8, 0x63, 0x50, 0x89, 0x90, 0xD3, 0xE2, 0xBF, 0x81, 0x95,
+ 0x92, 0x31, 0x41, 0x87, 0x39, 0x1A, 0x43, 0x0B, 0x18, 0xA5, 0x53, 0x1F, 0x39,
+ 0x1A, 0x5F, 0x1F, 0x43, 0xBC, 0x87, 0x6A, 0xDF, 0x6E, 0xD3, 0x22, 0x00, 0xFE,
+ 0x22, 0x98, 0x70, 0x4E, 0x1A, 0x19, 0x29, 0x02, 0x81, 0x81, 0x00, 0x8A, 0x41,
+ 0x56, 0x28, 0x51, 0x9E, 0x5F, 0xD4, 0x9E, 0x0B, 0x3B, 0x98, 0xA3, 0x54, 0xF2,
+ 0x6C, 0x56, 0xD4, 0xAA, 0xE9, 0x69, 0x33, 0x85, 0x24, 0x0C, 0xDA, 0xD4, 0x0C,
+ 0x2D, 0xC4, 0xBF, 0x4F, 0x02, 0x69, 0x38, 0x7C, 0xD4, 0xE6, 0xDC, 0x4C, 0xED,
+ 0xD7, 0x16, 0x11, 0xC3, 0x3E, 0x00, 0xE7, 0xC3, 0x26, 0xC0, 0x51, 0x02, 0xDE,
+ 0xBB, 0x75, 0x9C, 0x6F, 0x56, 0x9C, 0x7A, 0xF3, 0x8E, 0xEF, 0xCF, 0x8A, 0xC5,
+ 0x2B, 0xD2, 0xDA, 0x06, 0x6A, 0x44, 0xC9, 0x73, 0xFE, 0x6E, 0x99, 0x87, 0xF8,
+ 0x5B, 0xBE, 0xF1, 0x7C, 0xE6, 0x65, 0xB5, 0x4F, 0x6C, 0xF0, 0xC9, 0xC5, 0xFF,
+ 0x16, 0xCA, 0x8B, 0x1B, 0x17, 0xE2, 0x58, 0x3D, 0xA2, 0x37, 0xAB, 0x01, 0xBC,
+ 0xBF, 0x40, 0xCE, 0x53, 0x8C, 0x8E, 0xED, 0xEF, 0xEE, 0x59, 0x9D, 0xE0, 0x63,
+ 0xE6, 0x7C, 0x5E, 0xF5, 0x8E, 0x4B, 0xF1, 0x3B, 0xC1, 0x02, 0x81, 0x80, 0x4D,
+ 0x45, 0xF9, 0x40, 0x8C, 0xC5, 0x5B, 0xF4, 0x2A, 0x1A, 0x8A, 0xB4, 0xF2, 0x1C,
+ 0xAC, 0x6B, 0xE9, 0x0C, 0x56, 0x36, 0xB7, 0x4E, 0x72, 0x96, 0xD5, 0xE5, 0x8A,
+ 0xD2, 0xE2, 0xFF, 0xF1, 0xF1, 0x18, 0x13, 0x3D, 0x86, 0x09, 0xB8, 0xD8, 0x76,
+ 0xA7, 0xC9, 0x1C, 0x71, 0x52, 0x94, 0x30, 0x43, 0xE0, 0xF1, 0x78, 0x74, 0xFD,
+ 0x61, 0x1B, 0x4C, 0x09, 0xCC, 0xE6, 0x68, 0x2A, 0x71, 0xAD, 0x1C, 0xDF, 0x43,
+ 0xBC, 0x56, 0xDB, 0xA5, 0xA4, 0xBE, 0x35, 0x70, 0xA4, 0x5E, 0xCF, 0x4F, 0xFC,
+ 0x00, 0x55, 0x99, 0x3A, 0x3D, 0x23, 0xCF, 0x67, 0x5A, 0xF5, 0x22, 0xF8, 0xB5,
+ 0x29, 0xD0, 0x44, 0x11, 0xEB, 0x35, 0x2E, 0x46, 0xBE, 0xFD, 0x8E, 0x18, 0xB2,
+ 0x5F, 0xA8, 0xBF, 0x19, 0x32, 0xA1, 0xF5, 0xDC, 0x03, 0xE6, 0x7C, 0x9A, 0x1F,
+ 0x0C, 0x7C, 0xA9, 0xB0, 0x0E, 0x21, 0x37, 0x3B, 0xF1, 0xB0};
+
+uint8_t rsa_256_keydata[] = {
+ 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D,
+ 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A,
+ 0x02, 0x82, 0x01, 0x01, 0x00, 0xDB, 0x1C, 0x7F, 0x2E, 0x0B, 0xCD, 0xBF, 0xCE, 0xD1,
+ 0x75, 0x10, 0xA0, 0xA2, 0xB8, 0xCE, 0x7D, 0xAA, 0xE2, 0x05, 0xE0, 0x7A, 0xD8, 0x44,
+ 0x63, 0x8F, 0xB5, 0xBD, 0xC0, 0xB0, 0x19, 0xB9, 0x37, 0xB8, 0x19, 0x4A, 0x0E, 0xF1,
+ 0x5D, 0x74, 0x80, 0x67, 0x46, 0x87, 0x06, 0xDE, 0x5B, 0x7F, 0x06, 0x03, 0xBD, 0xC1,
+ 0x8D, 0x5E, 0x07, 0x15, 0xD4, 0x5B, 0xF4, 0xDC, 0xE5, 0xCF, 0x3D, 0xF9, 0xC1, 0x11,
+ 0x2C, 0xAE, 0x6A, 0xB9, 0x8A, 0xBD, 0x1D, 0x67, 0x66, 0x17, 0xEA, 0x4E, 0xBD, 0xDB,
+ 0x15, 0x9A, 0x82, 0x87, 0xE4, 0xF0, 0x78, 0xC3, 0xA3, 0x85, 0x87, 0xB0, 0xFD, 0x9F,
+ 0xA9, 0x99, 0x5F, 0xE3, 0x33, 0xEC, 0xCC, 0xEA, 0x0B, 0xB5, 0x61, 0x5E, 0xF1, 0x49,
+ 0x7E, 0x3F, 0xA3, 0x2D, 0xEA, 0x01, 0x0C, 0xCC, 0x42, 0x9A, 0x76, 0x9B, 0xC4, 0xD0,
+ 0x37, 0xD3, 0xB1, 0x17, 0x01, 0x61, 0x01, 0x16, 0x59, 0x7E, 0x1C, 0x17, 0xC3, 0x53,
+ 0xFD, 0xD1, 0x72, 0xCB, 0x4C, 0x60, 0x15, 0xDA, 0x7D, 0xE2, 0xEA, 0xAD, 0x50, 0xEF,
+ 0x8E, 0xE2, 0x8B, 0xD4, 0x6A, 0x77, 0x55, 0xD6, 0x70, 0xD9, 0x6B, 0xBB, 0xF1, 0xEE,
+ 0x39, 0x04, 0x38, 0xA3, 0xBD, 0xE2, 0xD1, 0xE0, 0x66, 0x6B, 0xE2, 0x9C, 0x47, 0x99,
+ 0xE9, 0x28, 0xE6, 0xB6, 0xFC, 0x2E, 0xCA, 0x67, 0x43, 0x84, 0xE8, 0xD5, 0x83, 0xD6,
+ 0x9D, 0x98, 0x6B, 0x01, 0x3E, 0x81, 0xDC, 0x3C, 0x7A, 0xCA, 0xF9, 0xF3, 0x9C, 0xF7,
+ 0xD6, 0x28, 0x1B, 0x27, 0x78, 0x7C, 0xC3, 0xD0, 0xD5, 0x63, 0xA7, 0x81, 0x34, 0x89,
+ 0xAD, 0x25, 0x6A, 0xBD, 0xF2, 0xEA, 0xED, 0xFA, 0x57, 0xFC, 0xE5, 0x34, 0xC6, 0xC1,
+ 0x0F, 0x71, 0x2D, 0xD2, 0x08, 0x10, 0x1B, 0xAD, 0x44, 0x41, 0xE0, 0xFE, 0x79, 0xA0,
+ 0x63, 0x93, 0x8A, 0xB1, 0x5D, 0xE9, 0xB0, 0xEE, 0x6F, 0x02, 0x03, 0x01, 0x00, 0x01};
+
+uint8_t ec_keydata[] = {
+ 0x30, 0x49, 0x30, 0x13, 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x02, 0x01, 0x06,
+ 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x01, 0x03, 0x32, 0x00, 0x04, 0xBC,
+ 0x79, 0x7D, 0xB3, 0xAE, 0x7F, 0x08, 0xEC, 0x3D, 0x49, 0x6B, 0x4F, 0xB4, 0x11, 0xB3,
+ 0xF6, 0x20, 0xA5, 0x58, 0xA5, 0x01, 0xE0, 0x22, 0x2D, 0x08, 0xCF, 0xE0, 0xDC, 0x8A,
+ 0xEC, 0x8B, 0x1A, 0x7B, 0xF2, 0x4B, 0xE9, 0x29, 0x51, 0xCC, 0x5B, 0xA1, 0xBE, 0xBB,
+ 0x24, 0x74, 0x90, 0x9A, 0xE0};
+
+uint8_t ec_keypair[] = {
+ 0x30, 0x5F, 0x02, 0x01, 0x01, 0x04, 0x18, 0x33, 0x8E, 0x86, 0xA8, 0x81, 0xE2, 0x38,
+ 0xF5, 0x49, 0xBD, 0x6F, 0x05, 0x53, 0x49, 0x4B, 0x73, 0xE3, 0xD6, 0x11, 0x30, 0xFD,
+ 0xC6, 0xC9, 0x6D, 0xA0, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01,
+ 0x01, 0xA1, 0x34, 0x03, 0x32, 0x00, 0x04, 0x51, 0x75, 0xBC, 0xDF, 0x30, 0xA3, 0x70,
+ 0xF3, 0x9D, 0x53, 0x93, 0xE6, 0x12, 0x72, 0x88, 0xD8, 0x01, 0x67, 0xB5, 0xF4, 0xB4,
+ 0xB7, 0x76, 0xC6, 0x74, 0xF7, 0xC6, 0xF3, 0x54, 0xB7, 0xD2, 0x24, 0x06, 0x2C, 0x1F,
+ 0x68, 0x54, 0xB5, 0xA7, 0xAF, 0x0F, 0xE5, 0x78, 0xEA, 0xF2, 0x58, 0xF0, 0x27};
+
+test_data check1[] = {
+{"Test psa_get_key_lifetime 16 Byte AES\n", 1, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ PSA_KEY_LIFETIME_VOLATILE, BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_SUCCESS
+},
+
+#ifdef NO_SUPPORT
+/* PSA crypto doesn't support these test scenarios */
+{"Test psa_get_key_lifetime 24 Byte AES\n", 2, PSA_KEY_TYPE_AES,
+{0x24, 0x13, 0x61, 0x47, 0x61, 0xB8, 0xC8, 0xF0, 0xDF, 0xAB, 0x5A, 0x0E, 0x87,
+ 0x40, 0xAC, 0xA3, 0x90, 0x77, 0x83, 0x52, 0x31, 0x74, 0xF9},
+ AES_24B_KEY_SIZE, PSA_KEY_USAGE_ENCRYPT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ PSA_KEY_LIFETIME_PERSISTENT, BYTES_TO_BITS(AES_24B_KEY_SIZE), AES_24B_KEY_SIZE, PSA_SUCCESS
+},
+
+{"Test psa_get_key_lifetime 32 Byte AES\n", 3, PSA_KEY_TYPE_AES,
+{0xEA, 0xD5, 0xE6, 0xC8, 0x51, 0xF9, 0xEC, 0xBB, 0x9B, 0x57, 0x7C, 0xED, 0xD2,
+ 0x4B, 0x82, 0x84, 0x9F, 0x9F, 0xE6, 0x73, 0x21, 0x3D, 0x1A, 0x05, 0xC9, 0xED,
+ 0xDF, 0x25, 0x17, 0x68, 0x86, 0xAE},
+ AES_32B_KEY_SIZE, PSA_KEY_USAGE_DECRYPT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ PSA_KEY_LIFETIME_WRITE_ONCE, BYTES_TO_BITS(AES_32B_KEY_SIZE), AES_32B_KEY_SIZE, PSA_SUCCESS
+},
+#endif
+
+{"Test psa_get_key_lifetime 2048 RSA public key\n", 4, PSA_KEY_TYPE_RSA_PUBLIC_KEY,
+ {0},
+ 294, PSA_KEY_USAGE_SIGN, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ PSA_KEY_LIFETIME_VOLATILE, 2048, 294, PSA_SUCCESS
+},
+
+#ifdef NO_SUPPORT
+/* PSA crypto doesn't support these test scenarios */
+{"Test psa_get_key_lifetime with RSA 2048 keypair\n", 5, PSA_KEY_TYPE_RSA_KEYPAIR,
+ {0},
+ 1193, PSA_KEY_USAGE_VERIFY, PSA_ALG_RSA_PKCS1V15_SIGN_RAW,
+ PSA_KEY_LIFETIME_PERSISTENT, 2048, 1193, PSA_SUCCESS
+},
+
+{"Test psa_get_key_lifetime with DES 64 bit key\n", 6, PSA_KEY_TYPE_DES,
+ {0x70, 0x24, 0x55, 0x0C, 0x14, 0x9D, 0xED, 0x29},
+ DES_8B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ PSA_KEY_LIFETIME_WRITE_ONCE, BYTES_TO_BITS(DES_8B_KEY_SIZE), DES_8B_KEY_SIZE, PSA_SUCCESS
+},
+#endif
+
+{"Test psa_get_key_lifetime with Triple DES 2-Key\n", 7, PSA_KEY_TYPE_DES,
+{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF},
+ DES3_2KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ PSA_KEY_LIFETIME_VOLATILE, BYTES_TO_BITS(DES3_2KEY_SIZE), DES3_2KEY_SIZE, PSA_SUCCESS
+},
+
+#ifdef NO_SUPPORT
+/* PSA crypto doesn't support these test scenarios */
+{"Test psa_get_key_lifetime with Triple DES 3-Key\n", 8, PSA_KEY_TYPE_DES,
+{0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
+ 0xF1, 0xE0, 0xD3, 0xC2, 0xB5, 0xA4, 0x97, 0x86,
+ 0xFE, 0xDC, 0xBA, 0x98, 0x76, 0x54, 0x32, 0x10},
+ DES3_3KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE,
+ PSA_KEY_LIFETIME_PERSISTENT, BYTES_TO_BITS(DES3_3KEY_SIZE), DES3_3KEY_SIZE, PSA_SUCCESS
+},
+#endif
+
+{"Test psa_get_key_lifetime with EC Public key\n", 9,
+ PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE | PSA_ECC_CURVE_SECP192R1,
+ {0},
+ 75, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ PSA_KEY_LIFETIME_VOLATILE, 192, 75, PSA_SUCCESS
+},
+
+{"Test psa_get_key_lifetime with EC keypair\n", 10,
+ PSA_KEY_TYPE_ECC_KEYPAIR_BASE | PSA_ECC_CURVE_SECP192R1,
+ {0},
+ 97, PSA_KEY_USAGE_EXPORT, PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION,
+ PSA_KEY_LIFETIME_VOLATILE, 192, 97, PSA_SUCCESS
+},
+
+};
+
+
+test_data check2[] = {
+{"Test psa_get_key_lifetime with invalid key slot\n", INVALID_KEY_SLOT, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE, PSA_KEY_LIFETIME_VOLATILE,
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+},
+
+{"Test psa_get_key_lifetime with zero key slot\n", ZERO_KEY_SLOT, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE, PSA_KEY_LIFETIME_VOLATILE,
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+},
+
+#ifdef NO_SUPPORT
+/* PSA crypto doesn't support these test scenarios */
+{"Test psa_get_key_lifetime with empty key slot\n", EMPTY_KEY_SLOT, PSA_KEY_TYPE_AES,
+{0x49, 0x8E, 0xC7, 0x7D, 0x01, 0x95, 0x0D, 0x94, 0x2C, 0x16, 0xA5, 0x3E, 0x99,
+ 0x5F, 0xC9},
+ AES_16B_KEY_SIZE, PSA_KEY_USAGE_EXPORT, PSA_ALG_BLOCK_CIPHER_PAD_NONE, PSA_KEY_LIFETIME_VOLATILE,
+ BYTES_TO_BITS(AES_16B_KEY_SIZE), AES_16B_KEY_SIZE, PSA_ERROR_INVALID_ARGUMENT
+},
+#endif
+};
diff --git a/psa-ff/test_suites/crypto/test_c010/test_entry.c b/psa-ff/test_suites/crypto/test_c010/test_entry.c
new file mode 100644
index 0000000..f1644d1
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c010/test_entry.c
@@ -0,0 +1,69 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c010.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 10)
+#define TEST_DESC "Testing crypto key management APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t i, status = VAL_STATUS_SUCCESS;
+ bool_t destroy_status = TRUE;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c010_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->print(PRINT_DEBUG, "\tPSA destroy all the key slot\n", 0);
+ for (i = 1; i <= MAX_KEY_SLOT; i++)
+ {
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, i);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA destroy key failed for slot number: %d\n", i);
+ destroy_status = FALSE;
+ }
+ }
+
+ if (destroy_status)
+ {
+ val->print(PRINT_DEBUG, "\tPSA all the key slot successfully destroyed\n", 0);
+ }
+
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/crypto/test_c011/source.mk b/psa-ff/test_suites/crypto/test_c011/source.mk
new file mode 100644
index 0000000..10a5d4b
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c011/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c011.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/crypto/test_c011/test_c011.c b/psa-ff/test_suites/crypto/test_c011/test_c011.c
new file mode 100644
index 0000000..de2f79b
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c011/test_c011.c
@@ -0,0 +1,68 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_c011.h"
+#include "test_data.h"
+#include "val_crypto.h"
+
+client_test_t test_c011_crypto_list[] = {
+ NULL,
+ psa_hash_setup_test,
+ NULL,
+};
+
+int g_test_count;
+
+int32_t psa_hash_setup_test(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ uint32_t i;
+ psa_hash_operation_t operation;
+
+ g_test_count = 1;
+
+ /* Initialize the PSA crypto library*/
+ if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_INIT_FAILED;
+ }
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Start a multipart hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_SETUP, &operation, check1[i].alg);
+ if (status != check1[i].expected_status)
+ {
+ val->print(PRINT_ERROR, "\tPSA hash setup failed", 0);
+ return VAL_STATUS_INVALID;
+ }
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/psa-ff/test_suites/crypto/test_c011/test_c011.h b/psa-ff/test_suites/crypto/test_c011/test_c011.h
new file mode 100644
index 0000000..e78b46d
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c011/test_c011.h
@@ -0,0 +1,34 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C011_CLIENT_TESTS_H_
+#define _TEST_C011_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+#include "val_crypto.h"
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c011_crypto_list[];
+
+int32_t psa_hash_setup_test(security_t caller);
+int32_t psa_get_key_lifetime_negative_test(security_t caller);
+#endif /* _TEST_C011_CLIENT_TESTS_H_ */
diff --git a/psa-ff/test_suites/crypto/test_c011/test_data.h b/psa-ff/test_suites/crypto/test_c011/test_data.h
new file mode 100644
index 0000000..e3eead4
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c011/test_data.h
@@ -0,0 +1,90 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[50];
+ psa_algorithm_t alg;
+ psa_status_t expected_status;
+} test_data;
+
+test_data check1[] = {
+{"Test psa_hash_setup with MD2 algorithm\n",
+ PSA_ALG_MD2, PSA_SUCCESS,
+},
+
+{"Test psa_hash_setup with MD4 algorithm\n",
+ PSA_ALG_MD4, PSA_SUCCESS,
+},
+
+{"Test psa_hash_setup with MD5 algorithm\n",
+ PSA_ALG_MD5, PSA_SUCCESS,
+},
+
+{"Test psa_hash_setup with RIPEMD160 algorithm\n",
+ PSA_ALG_RIPEMD160, PSA_SUCCESS,
+},
+
+{"Test psa_hash_setup with SHA1 algorithm\n",
+ PSA_ALG_SHA_1, PSA_SUCCESS,
+},
+
+{"Test psa_hash_setup with SHA224 algorithm\n",
+ PSA_ALG_SHA_224, PSA_SUCCESS,
+},
+
+{"Test psa_hash_setup with SHA256 algorithm\n",
+ PSA_ALG_SHA_256, PSA_SUCCESS,
+},
+
+{"Test psa_hash_setup with SHA384 algorithm\n",
+ PSA_ALG_SHA_384, PSA_SUCCESS,
+},
+
+{"Test psa_hash_setup with SHA512 algorithm\n",
+ PSA_ALG_SHA_512, PSA_SUCCESS,
+},
+
+{"Test psa_hash_setup with SHA512_224 algorithm\n",
+ PSA_ALG_SHA_512_224, PSA_ERROR_NOT_SUPPORTED,
+},
+
+{"Test psa_hash_setup with SHA512_256 algorithm\n",
+ PSA_ALG_SHA_512_256, PSA_ERROR_NOT_SUPPORTED,
+},
+
+{"Test psa_hash_setup with SHA3_224 algorithm\n",
+ PSA_ALG_SHA3_224, PSA_ERROR_NOT_SUPPORTED,
+},
+
+{"Test psa_hash_setup with SHA3_256 algorithm\n",
+ PSA_ALG_SHA3_256, PSA_ERROR_NOT_SUPPORTED,
+},
+
+{"Test psa_hash_setup with SHA3_384 algorithm\n",
+ PSA_ALG_SHA3_384, PSA_ERROR_NOT_SUPPORTED,
+},
+
+{"Test psa_hash_setup with SHA3_512 algorithm\n",
+ PSA_ALG_SHA3_512, PSA_ERROR_NOT_SUPPORTED,
+},
+
+{"Test psa_hash_setup with Invalid algorithm\n",
+ PSA_ALG_INVALID, PSA_ERROR_INVALID_ARGUMENT,
+},
+};
diff --git a/psa-ff/test_suites/crypto/test_c011/test_entry.c b/psa-ff/test_suites/crypto/test_c011/test_entry.c
new file mode 100644
index 0000000..498cc64
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c011/test_entry.c
@@ -0,0 +1,69 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c011.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 11)
+#define TEST_DESC "Testing crypto hash functions APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t i, status = VAL_STATUS_SUCCESS;
+ bool_t destroy_status = TRUE;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c011_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->print(PRINT_DEBUG, "\tPSA destroy all the key slot\n", 0);
+ for (i = 1; i <= MAX_KEY_SLOT; i++)
+ {
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, i);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA destroy key failed for slot number: %d\n", i);
+ destroy_status = FALSE;
+ }
+ }
+
+ if (destroy_status)
+ {
+ val->print(PRINT_DEBUG, "\tPSA all the key slot successfully destroyed\n", 0);
+ }
+
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/crypto/test_c012/source.mk b/psa-ff/test_suites/crypto/test_c012/source.mk
new file mode 100644
index 0000000..5379fd9
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c012/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c012.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/crypto/test_c012/test_c012.c b/psa-ff/test_suites/crypto/test_c012/test_c012.c
new file mode 100644
index 0000000..2b67f9a
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c012/test_c012.c
@@ -0,0 +1,164 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_c012.h"
+#include "test_data.h"
+#include "val_crypto.h"
+
+client_test_t test_c012_crypto_list[] = {
+ NULL,
+ psa_hash_update_test,
+ psa_hash_update_invalid_handle,
+ psa_hash_update_with_completed_handle,
+ NULL,
+};
+
+int g_test_count;
+
+int32_t psa_hash_update_test(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ uint32_t i;
+ psa_hash_operation_t operation;
+
+ g_test_count = 1;
+
+ /* Initialize the PSA crypto library*/
+ if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_INIT_FAILED;
+ }
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Start a multipart hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_SETUP, &operation, check1[i].alg);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA hash setup failed\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+
+ /* Add a message fragment to a multipart hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_UPDATE, &operation,
+ check1[i].input, check1[i].input_length);
+ if (status != check1[i].expected_status)
+ {
+ val->print(PRINT_ERROR, "\tPSA hash update failed\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_hash_update_invalid_handle(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_hash_operation_t operation;
+ uint8_t input[] = "Hello World";
+ size_t input_length = sizeof(input)/sizeof(input[0]);
+
+ /* Initialize the PSA crypto library*/
+ if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_INIT_FAILED;
+ }
+
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, "Test psa_hash_update without hash setup\n", 0);
+
+ status = val->crypto_function(VAL_CRYPTO_HASH_UPDATE, &operation,
+ input, input_length);
+ if (status != PSA_ERROR_INVALID_ARGUMENT)
+ {
+ val->print(PRINT_ERROR, "\tPSA hash update should have failed but succeeded\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_hash_update_with_completed_handle(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_hash_operation_t operation;
+ uint8_t input[] = {0xbd};
+ size_t input_length = sizeof(input)/sizeof(input[0]);
+ psa_algorithm_t alg = PSA_ALG_SHA_256;
+ uint8_t hash[] = {0x68, 0x32, 0x57, 0x20, 0xAA, 0xBD, 0x7C, 0x82, 0xF3, 0x0F,
+ 0x55, 0x4B, 0x31, 0x3D, 0x05, 0x70, 0xC9, 0x5A, 0xCC, 0xBB,
+ 0x7D, 0xC4, 0xB5, 0xAA, 0xE1, 0x12, 0x04, 0xC0, 0x8F, 0xFE,
+ 0x73, 0x2B};
+ size_t hash_length = sizeof(hash)/sizeof(hash[0]);
+
+ /* Initialize the PSA crypto library*/
+ if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_INIT_FAILED;
+ }
+
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, "Test psa_hash_update with completed opertaion handle \n", 0);
+
+ /* Start a multipart hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_SETUP, &operation, alg);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA hash setup failed\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+
+ /* Add a message fragment to a multipart hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_UPDATE, &operation,
+ input, input_length);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA hash update failed\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+
+ /* Finish the calculation of the hash of a message and compare it with an expected value*/
+ status = val->crypto_function(VAL_CRYPTO_HASH_VERIFY, &operation, hash, hash_length);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA hash verify failed\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+
+ /* Add a message fragment to a multipart hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_UPDATE, &operation,
+ input, input_length);
+ if (status != PSA_ERROR_INVALID_ARGUMENT)
+ {
+ val->print(PRINT_ERROR, "\tPSA hash update should have failed but succeeded\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/psa-ff/test_suites/crypto/test_c012/test_c012.h b/psa-ff/test_suites/crypto/test_c012/test_c012.h
new file mode 100644
index 0000000..c4aea18
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c012/test_c012.h
@@ -0,0 +1,35 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C012_CLIENT_TESTS_H_
+#define _TEST_C012_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+#include "val_crypto.h"
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c012_crypto_list[];
+
+int32_t psa_hash_update_test(security_t caller);
+int32_t psa_hash_update_invalid_handle(security_t caller);
+int32_t psa_hash_update_with_completed_handle(security_t caller);
+#endif /* _TEST_C012_CLIENT_TESTS_H_ */
diff --git a/psa-ff/test_suites/crypto/test_c012/test_data.h b/psa-ff/test_suites/crypto/test_c012/test_data.h
new file mode 100644
index 0000000..e7072b0
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c012/test_data.h
@@ -0,0 +1,64 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[50];
+ psa_algorithm_t alg;
+ char input[15];
+ size_t input_length;
+ psa_status_t expected_status;
+} test_data;
+
+test_data check1[] = {
+{"Test psa_hash_update with MD2 algorithm\n",
+ PSA_ALG_MD2, "Hello World", 11, PSA_SUCCESS,
+},
+
+{"Test psa_hash_update with MD4 algorithm\n",
+ PSA_ALG_MD4, "Hello World", 11, PSA_SUCCESS,
+},
+
+{"Test psa_hash_update with MD5 algorithm\n",
+ PSA_ALG_MD5, "Hello World", 11, PSA_SUCCESS,
+},
+
+{"Test psa_hash_update with RIPEMD160 algorithm\n",
+ PSA_ALG_RIPEMD160, "Hello World", 11, PSA_SUCCESS,
+},
+
+{"Test psa_hash_update with SHA1 algorithm\n",
+ PSA_ALG_SHA_1, "Hello World", 11, PSA_SUCCESS,
+},
+
+{"Test psa_hash_update with SHA224 algorithm\n",
+ PSA_ALG_SHA_224, "Hello World", 11, PSA_SUCCESS,
+},
+
+{"Test psa_hash_update with SHA256 algorithm\n",
+ PSA_ALG_SHA_256, "Hello World", 11, PSA_SUCCESS,
+},
+
+{"Test psa_hash_update with SHA384 algorithm\n",
+ PSA_ALG_SHA_384, "Hello World", 11, PSA_SUCCESS,
+},
+
+{"Test psa_hash_update with SHA512 algorithm\n",
+ PSA_ALG_SHA_512, "Hello World", 11, PSA_SUCCESS,
+},
+};
diff --git a/psa-ff/test_suites/crypto/test_c012/test_entry.c b/psa-ff/test_suites/crypto/test_c012/test_entry.c
new file mode 100644
index 0000000..221d9da
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c012/test_entry.c
@@ -0,0 +1,69 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c012.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 12)
+#define TEST_DESC "Testing crypto hash functions APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t i, status = VAL_STATUS_SUCCESS;
+ bool_t destroy_status = TRUE;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c012_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->print(PRINT_DEBUG, "\tPSA destroy all the key slot\n", 0);
+ for (i = 1; i <= MAX_KEY_SLOT; i++)
+ {
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, i);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA destroy key failed for slot number: %d\n", i);
+ destroy_status = FALSE;
+ }
+ }
+
+ if (destroy_status)
+ {
+ val->print(PRINT_DEBUG, "\tPSA all the key slot successfully destroyed\n", 0);
+ }
+
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/crypto/test_c013/source.mk b/psa-ff/test_suites/crypto/test_c013/source.mk
new file mode 100644
index 0000000..3039e72
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c013/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c013.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/crypto/test_c013/test_c013.c b/psa-ff/test_suites/crypto/test_c013/test_c013.c
new file mode 100644
index 0000000..5ba2878
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c013/test_c013.c
@@ -0,0 +1,153 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_c013.h"
+#include "test_data.h"
+#include "val_crypto.h"
+
+client_test_t test_c013_crypto_list[] = {
+ NULL,
+ psa_hash_verify_test,
+ psa_hash_verify_inactive_operation_handle,
+ NULL,
+};
+
+int g_test_count;
+
+int32_t psa_hash_verify_test(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ uint32_t i;
+ psa_hash_operation_t operation;
+ char *hash;
+
+ g_test_count = 1;
+
+ /* Initialize the PSA crypto library*/
+ if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_INIT_FAILED;
+ }
+
+ for (i = 0; i < num_checks; i++)
+ {
+ if (check1[i].alg == PSA_ALG_SHA_384)
+ hash = sha384_hash;
+ else if (check1[i].alg == PSA_ALG_SHA_512)
+ hash = sha512_hash;
+ else
+ hash = check1[i].hash;
+
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Start a multipart hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_SETUP, &operation, check1[i].alg);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA hash setup failed\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+
+ /* Add a message fragment to a multipart hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_UPDATE, &operation,
+ &check1[i].input, check1[i].input_length);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA hash update failed\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+
+ /* Finish the calculation of the hash of a message and compare it with an expected value*/
+ status = val->crypto_function(VAL_CRYPTO_HASH_VERIFY, &operation, hash,
+ check1[i].hash_length);
+ if (status != check1[i].expected_status)
+ {
+ val->print(PRINT_ERROR, "\tPSA hash verify failed\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_hash_verify_inactive_operation_handle(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_hash_operation_t operation;
+ char input = 0xbd;
+ size_t input_length = 1;
+ psa_algorithm_t alg = PSA_ALG_SHA_256;
+ size_t hash_length = PSA_HASH_SIZE(alg);
+ char hash[] = {0x68, 0x32, 0x57, 0x20, 0xaa, 0xbd, 0x7c, 0x82, 0xf3, 0x0f,
+ 0x55, 0x4b, 0x31, 0x3d, 0x05, 0x70, 0xc9, 0x5a, 0xcc, 0xbb,
+ 0x7d, 0xc4, 0xb5, 0xaa, 0xe1, 0x12, 0x04, 0xc0, 0x8f, 0xfe,
+ 0x73, 0x2b};
+
+ /* Initialize the PSA crypto library*/
+ if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_INIT_FAILED;
+ }
+
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, "test psa_hash_verify with inactive operation handle\n", 0);
+
+ /* Start a multipart hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_SETUP, &operation, alg);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA hash setup failed\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+
+ /* Add a message fragment to a multipart hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_UPDATE, &operation,
+ &input, input_length);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA hash update failed\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+
+ /* Finish the calculation of the hash of a message and compare it with an expected value*/
+ status = val->crypto_function(VAL_CRYPTO_HASH_VERIFY, &operation, hash, hash_length);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA hash verify failed\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+
+ /* Retry the operation with completed operation handle */
+ status = val->crypto_function(VAL_CRYPTO_HASH_VERIFY, &operation, hash, hash_length);
+ if (status != PSA_ERROR_INVALID_ARGUMENT)
+ {
+ val->print(PRINT_ERROR, "\tPSA hash verify should have failed but succeeded\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/psa-ff/test_suites/crypto/test_c013/test_c013.h b/psa-ff/test_suites/crypto/test_c013/test_c013.h
new file mode 100644
index 0000000..60a16ee
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c013/test_c013.h
@@ -0,0 +1,34 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C013_CLIENT_TESTS_H_
+#define _TEST_C013_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+#include "val_crypto.h"
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c013_crypto_list[];
+
+int32_t psa_hash_verify_test(security_t caller);
+int32_t psa_hash_verify_inactive_operation_handle(security_t caller);
+#endif /* _TEST_C013_CLIENT_TESTS_H_ */
diff --git a/psa-ff/test_suites/crypto/test_c013/test_data.h b/psa-ff/test_suites/crypto/test_c013/test_data.h
new file mode 100644
index 0000000..a5d2df6
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c013/test_data.h
@@ -0,0 +1,109 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[50];
+ psa_algorithm_t alg;
+ char input;
+ size_t input_length;
+ char hash[32];
+ size_t hash_length;
+ psa_status_t expected_status;
+} test_data;
+
+char sha384_hash[] = {0x43, 0x72, 0xe3, 0x8a, 0x92, 0xa2, 0x8b, 0x5d, 0x2c, 0x39, 0x1e, 0x62,
+0x45, 0x2a, 0x86, 0xd5, 0x0e, 0x02, 0x67, 0x22, 0x8b, 0xe1, 0x76, 0xc7, 0x7d, 0x24, 0x02, 0xef,
+0xfe, 0x9f, 0xa5, 0x0d, 0xe4, 0x07, 0xbb, 0xb8, 0x51, 0xb3, 0x7d, 0x59, 0x04, 0xab, 0xa2, 0xde,
+0xde, 0x74, 0xda, 0x2a};
+
+char sha512_hash[] = {0x29, 0x6e, 0x22, 0x67, 0xd7, 0x4c, 0x27, 0x8d, 0xaa, 0xaa, 0x94, 0x0d,
+0x17, 0xb0, 0xcf, 0xb7, 0x4a, 0x50, 0x83, 0xf8, 0xe0, 0x69, 0x72, 0x6d, 0x8c, 0x84, 0x1c, 0xbe,
+0x59, 0x6e, 0x04, 0x31, 0xcb, 0x77, 0x41, 0xa5, 0xb5, 0x0f, 0x71, 0x66, 0x6c, 0xfd, 0x54, 0xba,
+0xcb, 0x7b, 0x00, 0xae, 0xa8, 0x91, 0x49, 0x9c, 0xf4, 0xef, 0x6a, 0x03, 0xc8, 0xa8, 0x3f, 0xe3,
+0x7c, 0x3f, 0x7b, 0xaf};
+
+test_data check1[] = {
+{"Test psa_hash_verify with MD2 algorithm\n",
+ PSA_ALG_MD2, 0xbd, 1,
+ {0x8c, 0x9c, 0x17, 0x66, 0x5d, 0x25, 0xb3, 0x5f, 0xc4, 0x13, 0xc4, 0x18, 0x05, 0xc6, 0x79, 0xcf},
+ 16, PSA_SUCCESS,
+},
+
+{"Test psa_hash_verify with MD4 algorithm\n",
+ PSA_ALG_MD4, 0xbd, 1,
+ {0x18, 0xc3, 0x3f, 0x97, 0x29, 0x7e, 0xfe, 0x5f, 0x8a, 0x73, 0x22, 0x58, 0x28, 0x9f, 0xda, 0x25},
+ 16, PSA_SUCCESS,
+},
+
+{"Test psa_hash_verify with MD5 algorithm\n",
+ PSA_ALG_MD5, 0xbd, 1,
+ {0xab, 0xae, 0x57, 0xcb, 0x56, 0x2e, 0xcf, 0x29, 0x5b, 0x4a, 0x37, 0xa7, 0x6e, 0xfe, 0x61, 0xfb},
+ 16, PSA_SUCCESS,
+},
+
+{"Test psa_hash_verify with RIPEMD160 algorithm\n",
+ PSA_ALG_RIPEMD160, 0xbd, 1,
+ {0x50, 0x89, 0x26, 0x5e, 0xe5, 0xd9, 0xaf, 0x75, 0xd1, 0x2d, 0xbf, 0x7e, 0xa2, 0xf2, 0x7d, 0xbd,
+ 0xee, 0x43, 0x5b, 0x37},
+ 20, PSA_SUCCESS,
+},
+
+{"Test psa_hash_verify with SHA1 algorithm\n",
+ PSA_ALG_SHA_1, 0xbd, 1,
+ {0x90, 0x34, 0xaa, 0xf4, 0x51, 0x43, 0x99, 0x6a, 0x2b, 0x14, 0x46, 0x5c, 0x35, 0x2a, 0xb0, 0xc6,
+ 0xfa, 0x26, 0xb2, 0x21},
+ 20, PSA_SUCCESS,
+},
+
+{"Test psa_hash_verify with SHA224 algorithm\n",
+ PSA_ALG_SHA_224, 0xbd, 1,
+ {0xb1, 0xe4, 0x6b, 0xb9, 0xef, 0xe4, 0x5a, 0xf5, 0x54, 0x36, 0x34, 0x49, 0xc6, 0x94, 0x5a, 0x0d,
+ 0x61, 0x69, 0xfc, 0x3a, 0x5a, 0x39, 0x6a, 0x56, 0xcb, 0x97, 0xcb, 0x57},
+ 28, PSA_SUCCESS,
+},
+
+{"Test psa_hash_verify with SHA256 algorithm\n",
+ PSA_ALG_SHA_256, 0xbd, 1,
+ {0x68, 0x32, 0x57, 0x20, 0xaa, 0xbd, 0x7c, 0x82, 0xf3, 0x0f, 0x55, 0x4b, 0x31, 0x3d, 0x05, 0x70,
+ 0xc9, 0x5a, 0xcc, 0xbb, 0x7d, 0xc4, 0xb5, 0xaa, 0xe1, 0x12, 0x04, 0xc0, 0x8f, 0xfe, 0x73, 0x2b},
+ 32, PSA_SUCCESS,
+},
+
+{"Test psa_hash_verify with SHA384 algorithm\n",
+ PSA_ALG_SHA_384, 0xbd, 1, {0}, 48, PSA_SUCCESS,
+},
+
+{"Test psa_hash_verify with SHA512 algorithm\n",
+ PSA_ALG_SHA_512, 0xbd, 1, {0}, 64, PSA_SUCCESS,
+},
+
+{"Test psa_hash_verify with incorrect expected hash\n",
+ PSA_ALG_SHA_256, 0xbd, 1,
+ {0x68, 0x32, 0x57, 0x20, 0xab, 0xbd, 0x7c, 0x82, 0xf3, 0x0f, 0x55, 0x4b, 0x31, 0x3d, 0x05, 0x70,
+ 0xc9, 0x5a, 0xcc, 0xbb, 0x7d, 0xc4, 0xb5, 0xaa, 0xe1, 0x12, 0x04, 0xc0, 0x8f, 0xfe, 0x73, 0x78},
+ 32, PSA_ERROR_INVALID_SIGNATURE,
+},
+
+{"Test psa_hash_verify with incorrect hash length\n",
+ PSA_ALG_SHA_256, 0xbd, 1,
+ {0x68, 0x32, 0x57, 0x20, 0xaa, 0xbd, 0x7c, 0x82, 0xf3, 0x0f, 0x55, 0x4b, 0x31, 0x3d, 0x05, 0x70,
+ 0xc9, 0x5a, 0xcc, 0xbb, 0x7d, 0xc4, 0xb5, 0xaa, 0xe1, 0x12, 0x04, 0xc0, 0x8f, 0xfe, 0x73, 0x2b},
+ 31, PSA_ERROR_INVALID_SIGNATURE,
+},
+};
diff --git a/psa-ff/test_suites/crypto/test_c013/test_entry.c b/psa-ff/test_suites/crypto/test_c013/test_entry.c
new file mode 100644
index 0000000..08c8b2f
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c013/test_entry.c
@@ -0,0 +1,69 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c013.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 13)
+#define TEST_DESC "Testing crypto hash functions APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t i, status = VAL_STATUS_SUCCESS;
+ bool_t destroy_status = TRUE;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c013_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->print(PRINT_DEBUG, "\tPSA destroy all the key slot\n", 0);
+ for (i = 1; i <= MAX_KEY_SLOT; i++)
+ {
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, i);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA destroy key failed for slot number: %d\n", i);
+ destroy_status = FALSE;
+ }
+ }
+
+ if (destroy_status)
+ {
+ val->print(PRINT_DEBUG, "\tPSA all the key slot successfully destroyed\n", 0);
+ }
+
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/crypto/test_c014/source.mk b/psa-ff/test_suites/crypto/test_c014/source.mk
new file mode 100644
index 0000000..4e75c89
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c014/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c014.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/crypto/test_c014/test_c014.c b/psa-ff/test_suites/crypto/test_c014/test_c014.c
new file mode 100644
index 0000000..e9a1196
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c014/test_c014.c
@@ -0,0 +1,219 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_c014.h"
+#include "test_data.h"
+#include "val_crypto.h"
+
+client_test_t test_c014_crypto_list[] = {
+ NULL,
+ psa_hash_finish_test,
+ psa_hash_finish_inactive_operation_handle,
+ psa_hash_finish_invalid_hash_buffer_size,
+ NULL,
+};
+
+int g_test_count;
+
+int32_t psa_hash_finish_test(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ uint32_t i, j;
+ psa_hash_operation_t operation;
+ char *expected_hash, hash[HASH_64B];
+ size_t hash_length, hash_size = sizeof(hash)/sizeof(hash[0]);
+
+ g_test_count = 1;
+
+ /* Initialize the PSA crypto library*/
+ if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_INIT_FAILED;
+ }
+
+ for (i = 0; i < num_checks; i++)
+ {
+ if (check1[i].alg == PSA_ALG_SHA_384)
+ expected_hash = sha384_hash;
+ else if (check1[i].alg == PSA_ALG_SHA_512)
+ expected_hash = sha512_hash;
+ else
+ expected_hash = check1[i].hash;
+
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Start a multipart hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_SETUP, &operation, check1[i].alg);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA hash setup failed\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+
+ /* Add a message fragment to a multipart hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_UPDATE, &operation,
+ &check1[i].input, check1[i].input_length);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA hash update failed\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+
+ /* Finish the calculation of the hash of a message */
+ status = val->crypto_function(VAL_CRYPTO_HASH_FINISH, &operation, hash, hash_size,
+ &hash_length);
+ if (status != check1[i].expected_status)
+ {
+ val->print(PRINT_ERROR, "\tPSA hash finish failed\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+
+ if (status != PSA_SUCCESS)
+ continue;
+
+ if (hash_length != PSA_HASH_SIZE(check1[i].alg))
+ {
+ val->print(PRINT_ERROR, "\tHash length mismatch\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+ for (j = 0; j < hash_length; j++)
+ {
+ if (hash[i] != expected_hash[i])
+ {
+ val->print(PRINT_ERROR, "\tHash data mismatch\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+ }
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_hash_finish_inactive_operation_handle(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_hash_operation_t operation;
+ char input = 0xbd;
+ size_t input_length = 1;
+ psa_algorithm_t alg = PSA_ALG_SHA_256;
+ char hash[HASH_64B];
+ size_t hash_length, hash_size = sizeof(hash)/sizeof(hash[0]);
+
+ /* Initialize the PSA crypto library*/
+ if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_INIT_FAILED;
+ }
+
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, "test psa_hash_finish with inactive operation handle\n", 0);
+
+ /* Start a multipart hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_SETUP, &operation, alg);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA hash setup failed\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+
+ /* Add a message fragment to a multipart hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_UPDATE, &operation,
+ &input, input_length);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA hash update failed\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+
+ /* Finish the calculation of the hash of a message */
+ status = val->crypto_function(VAL_CRYPTO_HASH_FINISH, &operation, hash, hash_size,
+ &hash_length);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA hash finish failed\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+
+ /* Retry the operation with completed operation handle */
+ status = val->crypto_function(VAL_CRYPTO_HASH_FINISH, &operation, hash, hash_size,
+ &hash_length);
+ if (status != PSA_ERROR_INVALID_ARGUMENT)
+ {
+ val->print(PRINT_ERROR, "\tPSA hash finish should have failed\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_hash_finish_invalid_hash_buffer_size(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_hash_operation_t operation;
+ char input = 0xbd;
+ size_t input_length = 1;
+ psa_algorithm_t alg = PSA_ALG_SHA_256;
+ char hash[HASH_64B];
+ size_t hash_length, hash_size = 10;
+
+ /* Initialize the PSA crypto library*/
+ if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_INIT_FAILED;
+ }
+
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, "test psa_hash_finish with invalid hash buffer size\n", 0);
+
+ /* Start a multipart hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_SETUP, &operation, alg);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA hash setup failed\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+
+ /* Add a message fragment to a multipart hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_UPDATE, &operation,
+ &input, input_length);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA hash update failed\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+
+ /* Finish the calculation of the hash of a message */
+ status = val->crypto_function(VAL_CRYPTO_HASH_FINISH, &operation, hash, hash_size,
+ &hash_length);
+ if (status != PSA_ERROR_BUFFER_TOO_SMALL)
+ {
+ val->print(PRINT_ERROR, "\tPSA hash finish should have failed\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/psa-ff/test_suites/crypto/test_c014/test_c014.h b/psa-ff/test_suites/crypto/test_c014/test_c014.h
new file mode 100644
index 0000000..4f0d26a
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c014/test_c014.h
@@ -0,0 +1,35 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C014_CLIENT_TESTS_H_
+#define _TEST_C014_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+#include "val_crypto.h"
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c014_crypto_list[];
+
+int32_t psa_hash_finish_test(security_t caller);
+int32_t psa_hash_finish_inactive_operation_handle(security_t caller);
+int32_t psa_hash_finish_invalid_hash_buffer_size(security_t caller);
+#endif /* _TEST_C014_CLIENT_TESTS_H_ */
diff --git a/psa-ff/test_suites/crypto/test_c014/test_data.h b/psa-ff/test_suites/crypto/test_c014/test_data.h
new file mode 100644
index 0000000..6738c60
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c014/test_data.h
@@ -0,0 +1,95 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[50];
+ psa_algorithm_t alg;
+ char input;
+ size_t input_length;
+ char hash[32];
+ size_t hash_length;
+ psa_status_t expected_status;
+} test_data;
+
+char sha384_hash[] = {0x43, 0x72, 0xe3, 0x8a, 0x92, 0xa2, 0x8b, 0x5d, 0x2c, 0x39, 0x1e, 0x62,
+0x45, 0x2a, 0x86, 0xd5, 0x0e, 0x02, 0x67, 0x22, 0x8b, 0xe1, 0x76, 0xc7, 0x7d, 0x24, 0x02, 0xef,
+0xfe, 0x9f, 0xa5, 0x0d, 0xe4, 0x07, 0xbb, 0xb8, 0x51, 0xb3, 0x7d, 0x59, 0x04, 0xab, 0xa2, 0xde,
+0xde, 0x74, 0xda, 0x2a};
+
+char sha512_hash[] = {0x29, 0x6e, 0x22, 0x67, 0xd7, 0x4c, 0x27, 0x8d, 0xaa, 0xaa, 0x94, 0x0d,
+0x17, 0xb0, 0xcf, 0xb7, 0x4a, 0x50, 0x83, 0xf8, 0xe0, 0x69, 0x72, 0x6d, 0x8c, 0x84, 0x1c, 0xbe,
+0x59, 0x6e, 0x04, 0x31, 0xcb, 0x77, 0x41, 0xa5, 0xb5, 0x0f, 0x71, 0x66, 0x6c, 0xfd, 0x54, 0xba,
+0xcb, 0x7b, 0x00, 0xae, 0xa8, 0x91, 0x49, 0x9c, 0xf4, 0xef, 0x6a, 0x03, 0xc8, 0xa8, 0x3f, 0xe3,
+0x7c, 0x3f, 0x7b, 0xaf};
+
+test_data check1[] = {
+{"Test psa_hash_finish with MD2 algorithm\n",
+ PSA_ALG_MD2, 0xbd, 1,
+ {0x8c, 0x9c, 0x17, 0x66, 0x5d, 0x25, 0xb3, 0x5f, 0xc4, 0x13, 0xc4, 0x18, 0x05, 0xc6, 0x79, 0xcf},
+ 16, PSA_SUCCESS,
+},
+
+{"Test psa_hash_finish with MD4 algorithm\n",
+ PSA_ALG_MD4, 0xbd, 1,
+ {0x18, 0xc3, 0x3f, 0x97, 0x29, 0x7e, 0xfe, 0x5f, 0x8a, 0x73, 0x22, 0x58, 0x28, 0x9f, 0xda, 0x25},
+ 16, PSA_SUCCESS,
+},
+
+{"Test psa_hash_finish with MD5 algorithm\n",
+ PSA_ALG_MD5, 0xbd, 1,
+ {0xab, 0xae, 0x57, 0xcb, 0x56, 0x2e, 0xcf, 0x29, 0x5b, 0x4a, 0x37, 0xa7, 0x6e, 0xfe, 0x61, 0xfb},
+ 16, PSA_SUCCESS,
+},
+
+{"Test psa_hash_finish with RIPEMD160 algorithm\n",
+ PSA_ALG_RIPEMD160, 0xbd, 1,
+ {0x50, 0x89, 0x26, 0x5e, 0xe5, 0xd9, 0xaf, 0x75, 0xd1, 0x2d, 0xbf, 0x7e, 0xa2, 0xf2, 0x7d, 0xbd,
+ 0xee, 0x43, 0x5b, 0x37},
+ 20, PSA_SUCCESS,
+},
+
+{"Test psa_hash_finish with SHA1 algorithm\n",
+ PSA_ALG_SHA_1, 0xbd, 1,
+ {0x90, 0x34, 0xaa, 0xf4, 0x51, 0x43, 0x99, 0x6a, 0x2b, 0x14, 0x46, 0x5c, 0x35, 0x2a, 0xb0, 0xc6,
+ 0xfa, 0x26, 0xb2, 0x21},
+ 20, PSA_SUCCESS,
+},
+
+{"Test psa_hash_finish with SHA224 algorithm\n",
+ PSA_ALG_SHA_224, 0xbd, 1,
+ {0xb1, 0xe4, 0x6b, 0xb9, 0xef, 0xe4, 0x5a, 0xf5, 0x54, 0x36, 0x34, 0x49, 0xc6, 0x94, 0x5a, 0x0d,
+ 0x61, 0x69, 0xfc, 0x3a, 0x5a, 0x39, 0x6a, 0x56, 0xcb, 0x97, 0xcb, 0x57},
+ 28, PSA_SUCCESS,
+},
+
+{"Test psa_hash_finish with SHA256 algorithm\n",
+ PSA_ALG_SHA_256, 0xbd, 1,
+ {0x68, 0x32, 0x57, 0x20, 0xaa, 0xbd, 0x7c, 0x82, 0xf3, 0x0f, 0x55, 0x4b, 0x31, 0x3d, 0x05, 0x70,
+ 0xc9, 0x5a, 0xcc, 0xbb, 0x7d, 0xc4, 0xb5, 0xaa, 0xe1, 0x12, 0x04, 0xc0, 0x8f, 0xfe, 0x73, 0x2b},
+ 32, PSA_SUCCESS,
+},
+
+{"Test psa_hash_finish with SHA384 algorithm\n",
+ PSA_ALG_SHA_384, 0xbd, 1, {0}, 48, PSA_SUCCESS,
+},
+
+{"Test psa_hash_finish with SHA512 algorithm\n",
+ PSA_ALG_SHA_512, 0xbd, 1, {0}, 64, PSA_SUCCESS,
+},
+};
diff --git a/psa-ff/test_suites/crypto/test_c014/test_entry.c b/psa-ff/test_suites/crypto/test_c014/test_entry.c
new file mode 100644
index 0000000..bc174f8
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c014/test_entry.c
@@ -0,0 +1,69 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c014.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 14)
+#define TEST_DESC "Testing crypto hash functions APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t i, status = VAL_STATUS_SUCCESS;
+ bool_t destroy_status = TRUE;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c014_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->print(PRINT_DEBUG, "\tPSA destroy all the key slot\n", 0);
+ for (i = 1; i <= MAX_KEY_SLOT; i++)
+ {
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, i);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA destroy key failed for slot number: %d\n", i);
+ destroy_status = FALSE;
+ }
+ }
+
+ if (destroy_status)
+ {
+ val->print(PRINT_DEBUG, "\tPSA all the key slot successfully destroyed\n", 0);
+ }
+
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/crypto/test_c015/source.mk b/psa-ff/test_suites/crypto/test_c015/source.mk
new file mode 100644
index 0000000..66ef2a2
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c015/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_c015.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/crypto/test_c015/test_c015.c b/psa-ff/test_suites/crypto/test_c015/test_c015.c
new file mode 100644
index 0000000..b31f560
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c015/test_c015.c
@@ -0,0 +1,142 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_c015.h"
+#include "test_data.h"
+#include "val_crypto.h"
+
+client_test_t test_c015_crypto_list[] = {
+ NULL,
+ psa_hash_abort_test,
+ psa_hash_abort_before_operation_finish,
+ NULL,
+};
+
+int g_test_count;
+
+int32_t psa_hash_abort_test(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ int num_checks = sizeof(check1)/sizeof(check1[0]);
+ uint32_t i;
+ psa_hash_operation_t operation;
+
+ g_test_count = 1;
+
+ /* Initialize the PSA crypto library*/
+ if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_INIT_FAILED;
+ }
+
+ for (i = 0; i < num_checks; i++)
+ {
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, check1[i].test_desc, 0);
+
+ /* Start a multipart hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_SETUP, &operation, check1[i].alg);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA hash setup failed\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+
+ /* Abort a hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_ABORT, &operation);
+ if (status != check1[i].expected_status)
+ {
+ val->print(PRINT_ERROR, "\tPSA hash abort failed\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+
+ /* Multiple hash abort should succeed */
+ status = val->crypto_function(VAL_CRYPTO_HASH_ABORT, &operation);
+ if (status != check1[i].expected_status)
+ {
+ val->print(PRINT_ERROR, "\tPSA hash abort failed\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_hash_abort_before_operation_finish(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_hash_operation_t operation;
+ char input = 0xbd;
+ size_t input_length = 1;
+ psa_algorithm_t alg = PSA_ALG_SHA_256;
+ char hash[HASH_64B];
+ size_t hash_length, hash_size = sizeof(hash)/sizeof(hash[0]);
+
+ /* Initialize the PSA crypto library*/
+ if (val->crypto_function(VAL_CRYPTO_INIT) != PSA_SUCCESS)
+ {
+ return VAL_STATUS_INIT_FAILED;
+ }
+
+ val->print(PRINT_TEST, "[Check %d] ", g_test_count++);
+ val->print(PRINT_TEST, "Test psa_hash_finish after calling psa_hash_abort\n", 0);
+
+ /* Start a multipart hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_SETUP, &operation, alg);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA hash setup failed\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+
+ /* Add a message fragment to a multipart hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_UPDATE, &operation,
+ &input, input_length);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA hash update failed\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+
+ /* Abort a hash operation */
+ status = val->crypto_function(VAL_CRYPTO_HASH_ABORT, &operation);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA hash abort failed\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+
+ /* Finish the calculation of the hash of a message */
+ status = val->crypto_function(VAL_CRYPTO_HASH_FINISH, &operation, hash, hash_size,
+ &hash_length);
+ if (status != PSA_ERROR_INVALID_ARGUMENT)
+ {
+ val->print(PRINT_ERROR, "\tPSA hash finish should have failed\n", 0);
+ return VAL_STATUS_INVALID;
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/psa-ff/test_suites/crypto/test_c015/test_c015.h b/psa-ff/test_suites/crypto/test_c015/test_c015.h
new file mode 100644
index 0000000..ec3574d
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c015/test_c015.h
@@ -0,0 +1,34 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST_C015_CLIENT_TESTS_H_
+#define _TEST_C015_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+#include "val_crypto.h"
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+extern client_test_t test_c015_crypto_list[];
+
+int32_t psa_hash_abort_test(security_t caller);
+int32_t psa_hash_abort_before_operation_finish(security_t caller);
+#endif /* _TEST_C015_CLIENT_TESTS_H_ */
diff --git a/psa-ff/test_suites/crypto/test_c015/test_data.h b/psa-ff/test_suites/crypto/test_c015/test_data.h
new file mode 100644
index 0000000..d06bf4a
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c015/test_data.h
@@ -0,0 +1,62 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+
+typedef struct {
+ char test_desc[50];
+ psa_algorithm_t alg;
+ psa_status_t expected_status;
+} test_data;
+
+test_data check1[] = {
+{"Test psa_hash_abort with MD2 algorithm\n",
+ PSA_ALG_MD2, PSA_SUCCESS,
+},
+
+{"Test psa_hash_abort with MD4 algorithm\n",
+ PSA_ALG_MD4, PSA_SUCCESS,
+},
+
+{"Test psa_hash_abort with MD5 algorithm\n",
+ PSA_ALG_MD5, PSA_SUCCESS,
+},
+
+{"Test psa_hash_abort with RIPEMD160 algorithm\n",
+ PSA_ALG_RIPEMD160, PSA_SUCCESS,
+},
+
+{"Test psa_hash_abort with SHA1 algorithm\n",
+ PSA_ALG_SHA_1, PSA_SUCCESS,
+},
+
+{"Test psa_hash_abort with SHA224 algorithm\n",
+ PSA_ALG_SHA_224, PSA_SUCCESS,
+},
+
+{"Test psa_hash_abort with SHA256 algorithm\n",
+ PSA_ALG_SHA_256, PSA_SUCCESS,
+},
+
+{"Test psa_hash_abort with SHA384 algorithm\n",
+ PSA_ALG_SHA_384, PSA_SUCCESS,
+},
+
+{"Test psa_hash_abort with SHA512 algorithm\n",
+ PSA_ALG_SHA_512, PSA_SUCCESS,
+},
+};
diff --git a/psa-ff/test_suites/crypto/test_c015/test_entry.c b/psa-ff/test_suites/crypto/test_c015/test_entry.c
new file mode 100644
index 0000000..2b112dd
--- /dev/null
+++ b/psa-ff/test_suites/crypto/test_c015/test_entry.c
@@ -0,0 +1,69 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_c015.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_CRYPTO_BASE, 15)
+#define TEST_DESC "Testing crypto hash functions APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t i, status = VAL_STATUS_SUCCESS;
+ bool_t destroy_status = TRUE;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_HIGH_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_crypto_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_c015_crypto_list, FALSE);
+
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->print(PRINT_DEBUG, "\tPSA destroy all the key slot\n", 0);
+ for (i = 1; i <= MAX_KEY_SLOT; i++)
+ {
+ status = val->crypto_function(VAL_CRYPTO_DESTROY_KEY, i);
+ if (status != PSA_SUCCESS)
+ {
+ val->print(PRINT_ERROR, "\tPSA destroy key failed for slot number: %d\n", i);
+ destroy_status = FALSE;
+ }
+ }
+
+ if (destroy_status)
+ {
+ val->print(PRINT_DEBUG, "\tPSA all the key slot successfully destroyed\n", 0);
+ }
+
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/crypto/testsuite.db b/psa-ff/test_suites/crypto/testsuite.db
new file mode 100644
index 0000000..8ad7c56
--- /dev/null
+++ b/psa-ff/test_suites/crypto/testsuite.db
@@ -0,0 +1,39 @@
+#/** @file
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+
+#List of tests to be compiled and run as part of crypto suite
+
+(START)
+
+test_c001
+test_c002
+test_c003
+test_c004
+test_c005
+test_c006
+test_c007
+test_c008
+test_c009
+test_c010
+test_c011
+test_c012
+test_c013
+test_c014
+test_c015
+
+(END)
diff --git a/psa-ff/test_suites/ipc/test_i001/source.mk b/psa-ff/test_suites/ipc/test_i001/source.mk
new file mode 100644
index 0000000..eb23179
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i001/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i001.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i001/test_entry.c b/psa-ff/test_suites/ipc/test_i001/test_entry.c
new file mode 100644
index 0000000..d194ca7
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i001/test_entry.c
@@ -0,0 +1,60 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i001.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 1)
+#define TEST_DESC "Testing psa_framework_version and psa_version APIs\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side */
+ status = val->execute_non_secure_tests(TEST_NUM, test_i001_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+ /* Switch to secure side (client_partition.c) and execute list of tests available in
+ test[num]_client_tests_list from Secure side */
+ status = val->switch_to_secure_client(TEST_NUM);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i001/test_i001.c b/psa-ff/test_suites/ipc/test_i001/test_i001.c
new file mode 100644
index 0000000..dd54077
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i001/test_i001.c
@@ -0,0 +1,93 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i001.h"
+
+client_test_t test_i001_client_tests_list[] = {
+ NULL,
+ client_test_psa_framework_version,
+ client_test_psa_version,
+ NULL,
+};
+
+int32_t client_test_psa_framework_version(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val->print(PRINT_TEST, "[Check1] psa_framework_version\n", 0);
+
+ /* Retrieve the version of the PSA Framework API that is implemented.*/
+ if (psa->framework_version() != PSA_FRAMEWORK_VERSION)
+ {
+ status = VAL_STATUS_FRAMEWORK_VERSION_FAILED;
+ val->print(PRINT_ERROR,
+ "\tpsa_framework_version API failed, Returned=0x%x\n", (psa->framework_version()));
+ }
+
+ return status;
+}
+
+int32_t client_test_psa_version(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ uint32_t version;
+
+ val->print(PRINT_TEST, "[Check2] psa_version\n", 0);
+
+ /*Return PSA_VERSION_NONE when the RoT Service is not implemented, or the caller is not permitted
+ to access the service. Return minor version of the implemented and allowed RoT Service */
+ /* psa_version() check for un-implemented SID */
+ if (psa->version(INVALID_SID) != PSA_VERSION_NONE)
+ {
+ status = VAL_STATUS_VERSION_API_FAILED;
+ }
+
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(101), status))
+ {
+ return status;
+ }
+
+ /* psa_version() check for implemented SID but allows only secure connection */
+ version = psa->version(SERVER_SECURE_CONNECT_ONLY_SID);
+ if (((caller == NONSECURE) && (version != PSA_VERSION_NONE))
+ || ((caller == SECURE) && (version != 2)))
+ {
+ status = VAL_STATUS_VERSION_API_FAILED;
+ val->print(PRINT_ERROR,
+ "\tpsa_version API failed for SID which allows secure only connection\n", 0);
+ }
+
+ if (val->err_check_set(TEST_CHECKPOINT_NUM(102), status))
+ {
+ return status;
+ }
+
+ /* psa_version() returns minor version of the implemented and allowed RoT Service */
+ if (psa->version(SERVER_TEST_DISPATCHER_SID) != 1)
+ {
+ status = VAL_STATUS_VERSION_API_FAILED;
+ }
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i001/test_i001.h b/psa-ff/test_suites/ipc/test_i001/test_i001.h
new file mode 100644
index 0000000..967f66e
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i001/test_i001.h
@@ -0,0 +1,33 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST001_CLIENT_TESTS_H_
+#define _TEST001_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i001_client_tests_list[];
+
+int32_t client_test_psa_framework_version(security_t);
+int32_t client_test_psa_version(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i001/test_supp_i001.c b/psa-ff/test_suites/ipc/test_i001/test_supp_i001.c
new file mode 100644
index 0000000..ce6de38
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i001/test_supp_i001.c
@@ -0,0 +1,41 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_framework_version(void);
+int32_t server_test_psa_version(void);
+
+server_test_t test_i001_server_tests_list[] = {
+ NULL,
+ server_test_psa_framework_version,
+ server_test_psa_version,
+ NULL,
+};
+
+int32_t server_test_psa_framework_version(void)
+{
+ val_err_check_set(TEST_CHECKPOINT_NUM(201), VAL_STATUS_SUCCESS);
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t server_test_psa_version(void)
+{
+ val_err_check_set(TEST_CHECKPOINT_NUM(202), VAL_STATUS_SUCCESS);
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/psa-ff/test_suites/ipc/test_i002/source.mk b/psa-ff/test_suites/ipc/test_i002/source.mk
new file mode 100644
index 0000000..daec7a1
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i002/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i002.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i002/test_entry.c b/psa-ff/test_suites/ipc/test_i002/test_entry.c
new file mode 100644
index 0000000..8d23bd2
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i002/test_entry.c
@@ -0,0 +1,60 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i002.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 2)
+#define TEST_DESC "Testing RoT connect and disconnect cases\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i002_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+ /* Switch to secure side (client_partition.c) and execute list of tests available in
+ test[num]_client_tests_list from Secure side */
+ status = val->switch_to_secure_client(TEST_NUM);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i002/test_i002.c b/psa-ff/test_suites/ipc/test_i002/test_i002.c
new file mode 100644
index 0000000..74be819
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i002/test_i002.c
@@ -0,0 +1,286 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i002.h"
+
+client_test_t test_i002_client_tests_list[] = {
+ NULL,
+ client_test_connection_busy_and_reject,
+ client_test_accept_and_close_connect,
+ client_test_connect_with_allowed_minor_version_policy,
+ client_test_psa_call_with_allowed_status_code,
+ client_test_identity,
+ client_test_spm_concurrent_connect_limit,
+ client_test_psa_wait_any_with_psa_block,
+ client_test_psa_wait_any_with_psa_poll,
+ NULL,
+};
+
+int32_t client_test_connection_busy_and_reject(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check1] Test busy and reject connect type\n", 0);
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+
+ /* The RoT Service can't make connection at this moment.
+ * Expect PSA_CONNECTION_BUSY by RoT service.
+ */
+ if (handle != PSA_CONNECTION_BUSY)
+ {
+ val->print(PRINT_ERROR, "Expected handle=PSA_CONNECTION_BUSY but handle=0x%x\n", handle);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+
+ /* The RoT Service rejected the client because of an application-specific case
+ * Expect PSA_CONNECTION_REFUSED by RoT service
+ */
+ if (handle != PSA_CONNECTION_REFUSED)
+ {
+ val->print(PRINT_ERROR, "Expected handle=PSA_CONNECTION_REFUSED but handle=0x%x\n", handle);
+ status = VAL_STATUS_INVALID_HANDLE;
+ }
+
+ return status;
+}
+
+int32_t client_test_accept_and_close_connect(security_t caller)
+{
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check2] Accept and close connection\n", 0);
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ /* RoT service accepts the connection. Expecting positive handle */
+ if (handle < 0)
+ {
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ /* psa_close with PSA_NULL_HANDLE. This shoudn't have any effect */
+ psa->close(PSA_NULL_HANDLE);
+
+ /* Close the connection */
+ psa->close(handle);
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t client_test_connect_with_allowed_minor_version_policy(security_t caller)
+{
+ psa_handle_t handle = 0;
+ uint32_t i = 0;
+ uint32_t sid[] = {SERVER_UNSPECIFED_MINOR_V_SID,
+ SERVER_STRICT_MINOR_VERSION_SID,
+ SERVER_RELAX_MINOR_VERSION_SID,
+ SERVER_RELAX_MINOR_VERSION_SID};
+ uint32_t minor_v[] = {1, 2, 1, 2};
+
+ val->print(PRINT_TEST, "[Check3] Test psa_connect with allowed minor version policy\n", 0);
+
+ /* Connect RoT service with following minor version numbers and expect positive handle for
+ * each connection:
+ * Case 1. Version policy is not mentioned and requested version is 1 (default minimum version)
+ * Case 2. Version policy is STRICT and requested version equals minimum version
+ * Case 3. Version policy is relaxed and requested version is smaller than the minimum version
+ * Case 4. Version policy is relaxed and requested version is euqal to the minimum version
+ */
+
+ for (i = 0; i < (sizeof(sid)/sizeof(sid[0])); i++)
+ {
+ handle = psa->connect(sid[i], minor_v[i]);
+ if (handle < 0)
+ {
+ val->print(PRINT_ERROR,
+ "\tpsa_connect failed for minor_v policy. Iteration No=%d\n", i);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ psa->close(handle);
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t psa_call_with_null_msg(int32_t expected_status)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call;
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ if (handle < 0)
+ {
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+ /* Compare status code returned with expected status code */
+ if (status_of_call != expected_status)
+ {
+ status = VAL_STATUS_CALL_FAILED;
+ }
+
+ psa->close(handle);
+ return status;
+}
+
+int32_t client_test_psa_call_with_allowed_status_code(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_status_t expected_status_code[] = {PSA_SUCCESS, 1, 2, INT32_MAX, -1, -2, INT32_MIN+128};
+ uint32_t i = 0;
+
+ val->print(PRINT_TEST, "[Check4] Test psa_call with allowed status code\n", 0);
+
+ for (i = 0; i < (sizeof(expected_status_code)/sizeof(expected_status_code[0])); i++)
+ {
+ /* Compare the status code sent by RoT service with expected code */
+ status = psa_call_with_null_msg(expected_status_code[i]);
+ if (VAL_ERROR(status))
+ {
+ val->print(PRINT_ERROR,
+ "psa_call failed for status code=0x%x\n", expected_status_code[i]);
+ return status;
+ }
+ }
+ return status;
+}
+
+int32_t client_test_identity(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call;
+ int id_at_connect = 0, id_at_call = 0;
+
+ val->print(PRINT_TEST, "[Check5] Test client_id\n", 0);
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+
+ if (handle < 0)
+ {
+ return(VAL_STATUS_INVALID_HANDLE);
+ }
+
+ psa_outvec resp[2] = {{&id_at_connect, sizeof(id_at_call)},
+ {&id_at_call, sizeof(id_at_call)}};
+
+ status_of_call = psa->call(handle, NULL, 0, resp, 2);
+
+
+ if (status_of_call != PSA_SUCCESS)
+ {
+ status = VAL_STATUS_CALL_FAILED;
+ }
+ /* For NSPE access, identity should be < 0 */
+ else if ((caller == NONSECURE) && ((id_at_connect != id_at_call)
+ || (id_at_connect >=0) || (id_at_call >=0)))
+ {
+ status = VAL_STATUS_WRONG_IDENTITY;
+ }
+ /* For SPE access, identity should be > 0 */
+ else if ((caller == SECURE) && ((id_at_connect != id_at_call)
+ || (id_at_connect <=0) || (id_at_call <=0)))
+ {
+ status = VAL_STATUS_WRONG_IDENTITY;
+ }
+ psa->close(handle);
+
+ return status;
+}
+
+int32_t client_test_spm_concurrent_connect_limit(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle[CONNECT_LIMIT] = {0};
+ int i= 0, signture = 0;
+
+ val->print(PRINT_TEST, "[Check6] Test connect limit\n", 0);
+
+ /* Execute psa_connect in a loop until it returns
+ * PSA_CONNECTION_REFUSED OR PSA_CONNECTION_BUSY
+ */
+ while (i < CONNECT_LIMIT)
+ {
+ handle[i] = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ /* Compare handle value */
+ if ((handle[i] == PSA_CONNECTION_REFUSED) || (handle[i] == PSA_CONNECTION_BUSY))
+ {
+ signture = 1;
+ break;
+ }
+ i++;
+ }
+
+ if (signture != 1)
+ {
+ /* Didn't recieve expected return handle value */
+ status = VAL_STATUS_SPM_FAILED;
+ i--;
+ }
+
+ while (i >= 0)
+ {
+ if (handle[i] > 0)
+ {
+ /* Close all open connection to RoT service */
+ psa->close(handle[i]);
+ }
+ i--;
+ }
+ return status;
+}
+
+int32_t client_test_psa_wait_any(void)
+{
+ psa_handle_t handle[CONNECT_NUM] = {0};
+ int i = 0;
+
+ for(i = 0; i < CONNECT_NUM; i++)
+ {
+ handle[i] = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ if (handle[i] != PSA_CONNECTION_REFUSED)
+ {
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t client_test_psa_wait_any_with_psa_block(security_t caller)
+{
+ val->print(PRINT_TEST, "[Check7] Test psa_wait_any with PSA_BLOCK\n", 0);
+ return (client_test_psa_wait_any());
+}
+
+int32_t client_test_psa_wait_any_with_psa_poll(security_t caller)
+{
+ val->print(PRINT_TEST, "[Check8] Test psa_wait_any with PSA_POLL\n", 0);
+ return (client_test_psa_wait_any());
+}
diff --git a/psa-ff/test_suites/ipc/test_i002/test_i002.h b/psa-ff/test_suites/ipc/test_i002/test_i002.h
new file mode 100644
index 0000000..2c425b5
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i002/test_i002.h
@@ -0,0 +1,42 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST002_CLIENT_TESTS_H_
+#define _TEST002_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+#define CONNECT_LIMIT 20
+#define CONNECT_NUM 2
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i002_client_tests_list[];
+
+int32_t client_test_connection_busy_and_reject(security_t);
+int32_t client_test_accept_and_close_connect(security_t);
+int32_t client_test_connect_with_allowed_minor_version_policy(security_t);
+int32_t client_test_psa_call_with_allowed_status_code(security_t);
+int32_t client_test_identity(security_t);
+int32_t client_test_spm_concurrent_connect_limit(security_t);
+int32_t client_test_psa_wait_any_with_psa_block(security_t);
+int32_t client_test_psa_wait_any_with_psa_poll(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i002/test_supp_i002.c b/psa-ff/test_suites/ipc/test_i002/test_supp_i002.c
new file mode 100644
index 0000000..5fc2319
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i002/test_supp_i002.c
@@ -0,0 +1,373 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+#define CONNECT_NUM 2
+
+int32_t server_test_connection_busy_and_reject(void);
+int32_t server_test_accept_and_close_connect(void);
+int32_t server_test_connect_with_allowed_minor_version_policy(void);
+int32_t server_test_psa_call_with_allowed_status_code(void);
+int32_t server_test_identity(void);
+int32_t server_test_spm_concurrent_connect_limit(void);
+int32_t server_test_psa_wait_any_with_psa_block(void);
+int32_t server_test_psa_wait_any_with_psa_poll(void);
+
+server_test_t test_i002_server_tests_list[] = {
+ NULL,
+ server_test_connection_busy_and_reject,
+ server_test_accept_and_close_connect,
+ server_test_connect_with_allowed_minor_version_policy,
+ server_test_psa_call_with_allowed_status_code,
+ server_test_identity,
+ server_test_spm_concurrent_connect_limit,
+ server_test_psa_wait_any_with_psa_block,
+ server_test_psa_wait_any_with_psa_poll,
+ NULL,
+};
+
+int32_t server_test_connection_busy_and_reject(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ /* Checks performed:
+ * psa_wait_any()- Returns > 0 when at least one signal is asserted
+ * check delivery of PSA_IPC_CONNECT when psa_connect called.
+ * And msg.handle must be positive.
+ */
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ return status;
+ }
+
+ /* Rejecting connection to check behaviour of PSA_CONNECTION_BUSY */
+ psa_reply(msg.handle, PSA_CONNECTION_BUSY);
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ return status;
+ }
+
+ /* Rejecting connection to check behaviour of PSA_CONNECTION_REFUSED */
+ psa_reply(msg.handle, PSA_CONNECTION_BUSY);
+ return status;
+}
+
+int32_t server_test_accept_and_close_connect(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ /* Reject the connection if processing of connect request has failed */
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ /* Accepting connection to check behaviour of PSA_SUCCESS */
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ /* Checking delivery of PSA_IPC_DISCONNECT when psa_close called
+ * msg.handle must be positive
+ */
+ status = val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(204), status))
+ {
+ return status;
+ }
+
+ /* Sanity check - if the message type is PSA_IPC_DISCONNECT then the status code is ignored.*/
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ /* Debug print for sanity check */
+ val_err_check_set(TEST_CHECKPOINT_NUM(205), status);
+ return status;
+}
+
+int32_t server_test_connect_with_allowed_minor_version_policy(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ int i = 0;
+ psa_signal_t signal[4] = {SERVER_UNSPECIFED_MINOR_V_SIG,
+ SERVER_STRICT_MINOR_VERSION_SIG,
+ SERVER_RELAX_MINOR_VERSION_SIG,
+ SERVER_RELAX_MINOR_VERSION_SIG};
+
+ for (i = 0; i < 4; i++)
+ {
+ status = ((val_process_connect_request(signal[i], &msg))
+ ? VAL_STATUS_ERROR : status);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(206), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ status = ((val_process_disconnect_request(signal[i], &msg))
+ ? VAL_STATUS_ERROR : status);
+ val_err_check_set(TEST_CHECKPOINT_NUM(207), status);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ }
+ return status;
+}
+
+int32_t server_test_psa_call_with_allowed_status_code(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ uint32_t i = 0;
+ psa_status_t status_code[] = {PSA_SUCCESS, 1, 2, INT32_MAX, -1, -2, INT32_MIN+128};
+
+ for (i = 0; i < (sizeof(status_code)/sizeof(status_code[0])); i++)
+ {
+ status = ((val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ ? VAL_STATUS_ERROR : status);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(208), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ status = val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(209), status))
+ {
+ /* Send status code other than status_code[] to indicate failure
+ * in processing call request
+ */
+ psa_reply(msg.handle, -3);
+ }
+ else
+ {
+ /* Send various status code available in status_code[] */
+ psa_reply(msg.handle, status_code[i]);
+ }
+
+ status = ((val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ ? VAL_STATUS_ERROR : status);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ val_err_check_set(TEST_CHECKPOINT_NUM(210), status);
+ }
+ return status;
+}
+
+int32_t server_test_identity(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ int id_at_connect = 0, id_at_call = 0;
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(211), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ /* Client ID during connect */
+ id_at_connect = msg.client_id;
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ status = val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(212), status))
+ {
+ psa_reply(msg.handle, -3);
+ }
+ else
+ {
+ /* Client ID during call */
+ id_at_call = msg.client_id;
+ psa_write(msg.handle, 0, &id_at_connect, msg.out_size[0]);
+ psa_write(msg.handle, 1, &id_at_call, msg.out_size[1]);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ }
+
+ status = val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ val_err_check_set(TEST_CHECKPOINT_NUM(213), status);
+ /* Client ID during disconnect. It should be equal to id_at_call */
+ if (msg.client_id != id_at_call)
+ {
+ val_print(PRINT_ERROR, "\tmsg.client_id failed for IPC_DISCONNECT", 0);
+ status = VAL_STATUS_WRONG_IDENTITY;
+ }
+
+ /* A Partition must have an alphanumeric name for source code to directly refer
+ * to a specific Partition. The Secure Partition ID can be referenced in
+ * Secure Partition source code via the symbolic name specified as name attribute.
+ * The symbol must have the value of the Secure Partition ID.
+ * Using CLIENT_PARTITION define to cover this rule.
+ */
+ if ((msg.client_id > 0) && (msg.client_id != CLIENT_PARTITION))
+ {
+ val_print(PRINT_ERROR, "\tmsg.client_id failed for CLIENT_PARTITION", 0);
+ status = VAL_STATUS_WRONG_IDENTITY;
+ }
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return status;
+}
+
+int32_t server_test_spm_concurrent_connect_limit(void)
+{
+ psa_signal_t signals = 0;
+ psa_msg_t msg = {0};
+ int count = 0;
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ while (1)
+ {
+ signals = psa_wait_any(PSA_BLOCK);
+ if ((signals & SERVER_UNSPECIFED_MINOR_V_SIG) == 0)
+ {
+ val_print(PRINT_ERROR,
+ "psa_wait_any returned with invalid signal value = 0x%x\n", signals);
+ return VAL_STATUS_ERROR;
+ }
+
+ psa_get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ switch(msg.type)
+ {
+ case PSA_IPC_CONNECT:
+ /* serve bulk connect cases to reach connect limit */
+ count++;
+ psa_reply(msg.handle, PSA_SUCCESS);
+ break;
+ case PSA_IPC_DISCONNECT:
+ /* serve bulk disconnect cases */
+ count--;
+ psa_reply(msg.handle, PSA_SUCCESS);
+ }
+ if (count == 0)
+ {
+ /* Closed all open connection. Come out of loop */
+ break;
+ }
+ }
+ return status;
+}
+
+int32_t server_test_psa_wait_any_with_psa_block(void)
+{
+ psa_signal_t signals = 0;
+ psa_msg_t msg = {0};
+ int expected_connect_count = 0, while_count = 0;
+
+ /* Calling psa_wait_any in a loop and comparing the count value
+ * to check whether PSA_BLOCK is not giving polling behaviour
+ */
+ while (1)
+ {
+ /* Debug print */
+ val_err_check_set(TEST_CHECKPOINT_NUM(214), VAL_STATUS_SUCCESS);
+
+ /* Ored with 0xFF to check timeout[30:0]=RES is ignored by implementation */
+ signals = psa_wait_any(PSA_BLOCK | 0xFF);
+
+ /* Count how many times while loop executed */
+ while_count++;
+
+ /* When MODE is one(PSA_BLOCK), the psa_wait_any must return non-zero signal value */
+ if ((signals & SERVER_UNSPECIFED_MINOR_V_SIG) == 0)
+ {
+ val_print(PRINT_ERROR,
+ "psa_wait_any returned with invalid signal value = 0x%x\n", signals);
+ return VAL_STATUS_ERROR;
+ }
+ else
+ {
+ psa_get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+
+ /* Count how many times non-zero signal value returned */
+ expected_connect_count++;
+ }
+
+ if (expected_connect_count == CONNECT_NUM)
+ {
+ /* Come out of loop as we reached required connect limit*/
+ break;
+ }
+ }
+
+ /* For PSA_BLOCK, expected_connect_count should be equal to while_count. */
+ if (expected_connect_count != while_count)
+ {
+ return VAL_STATUS_SPM_FAILED;
+ }
+ return VAL_STATUS_SUCCESS;
+}
+
+int32_t server_test_psa_wait_any_with_psa_poll(void)
+{
+ psa_signal_t signals = 0, signals_temp = 0;
+ psa_msg_t msg = {0};
+ int count = 0;
+
+ while (1)
+ {
+ /* Debug print */
+ val_err_check_set(TEST_CHECKPOINT_NUM(215), VAL_STATUS_SUCCESS);
+
+ /* Loop to receive client request */
+ while (signals == 0)
+ {
+ signals = psa_wait_any(PSA_POLL);
+ }
+
+ /* When MODE is zero(PSA_POLL), the psa_wait_any will return immediately with the current
+ * signal state, which can be zero if no signals are active. Exepecting following call to
+ * return immediately as none of client is making request.
+ */
+ signals_temp = psa_wait_any(PSA_POLL);
+
+ if (signals_temp == 0)
+ {
+ val_print(PRINT_ERROR,
+ "psa_wait_any returned with invalid signals_temp = 0x%x\n", signals_temp);
+ return VAL_STATUS_ERROR;
+ }
+ else if ((signals & SERVER_UNSPECIFED_MINOR_V_SIG) == 0)
+ {
+ val_print(PRINT_ERROR,
+ "psa_wait_any returned with invalid signal value = 0x%x\n", signals);
+ return VAL_STATUS_ERROR;
+ }
+ else
+ {
+ psa_get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ count++;
+ signals = 0;
+ }
+
+ if (count == CONNECT_NUM)
+ {
+ /* Come out of loop as we reached required connect limit*/
+ break;
+ }
+ }
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/psa-ff/test_suites/ipc/test_i003/source.mk b/psa-ff/test_suites/ipc/test_i003/source.mk
new file mode 100644
index 0000000..70ad2da
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i003/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i003.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i003/test_entry.c b/psa-ff/test_suites/ipc/test_i003/test_entry.c
new file mode 100644
index 0000000..e513106
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i003/test_entry.c
@@ -0,0 +1,60 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i003.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 3)
+#define TEST_DESC "Testing IOVECS\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i003_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+ /* Switch to secure side (client_partition.c) and execute list of tests available in
+ test[num]_client_tests_list from Secure side */
+ status = val->switch_to_secure_client(TEST_NUM);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i003/test_i003.c b/psa-ff/test_suites/ipc/test_i003/test_i003.c
new file mode 100644
index 0000000..114f673
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i003/test_i003.c
@@ -0,0 +1,327 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i003.h"
+
+client_test_t test_i003_client_tests_list[] = {
+ NULL,
+ client_test_zero_length_invec,
+ client_test_zero_length_outvec,
+ client_test_call_read_and_skip,
+ client_test_call_and_write,
+ client_test_psa_set_rhandle,
+ client_test_overlapping_vectors,
+ NULL,
+};
+
+int32_t client_test_zero_length_invec(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ int data[4] = {0x11, 0x22};
+
+ val->print(PRINT_TEST, "[Check1] Test zero length invec\n", 0);
+
+ if (val->ipc_connect(SERVER_UNSPECIFED_MINOR_V_SID, 1, &handle))
+ {
+ return VAL_STATUS_CONNECTION_FAILED;
+ }
+
+ /* Invec 0 as zero length vector
+ * Invec 1 as NULL
+ * Invec 2 as valid msg pointer which is not zero length memory pointer
+ */
+ psa_invec data1[3] = {{&data[0], 0},
+ {NULL, 0},
+ {&data[1], sizeof(data[1])}};
+
+ /* Outvec 0 as valid msg pointer which is not zero length memory pointer
+ * Outvec 1 to 3 are NULL
+ */
+ psa_outvec resp[1] = {{&data[2], sizeof(data[2])}};
+
+ status = psa->call(handle, data1, 3, resp, 1);
+
+ if (status < 0)
+ {
+ status = VAL_STATUS_CALL_FAILED;
+ }
+ else if (data[2] != data[1])
+ {
+ val->print(PRINT_ERROR, "\tExpected data=%x\n", data[1]);
+ val->print(PRINT_ERROR, "\tBut actual data=%x\n", data[2]);
+ status = VAL_STATUS_WRITE_FAILED;
+ }
+ else if (resp[0].len != sizeof(data[1]))
+ {
+ val->print(PRINT_ERROR, "\tExpected size= %x\n", sizeof(data[1]));
+ val->print(PRINT_ERROR, "\tBut actual size=%x\n", resp[0].len);
+ status = VAL_STATUS_WRITE_FAILED;
+ }
+
+ if (VAL_ERROR(status))
+ {
+ val->print(PRINT_ERROR, "\tpsa_call failed. status=%x\n", status);
+ }
+
+ val->ipc_close(handle);
+ return status;
+}
+
+int32_t client_test_zero_length_outvec(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ int data[4] = {0x11};
+
+ val->print(PRINT_TEST, "[Check2] Test zero length outvec\n", 0);
+
+ if (val->ipc_connect(SERVER_UNSPECIFED_MINOR_V_SID, 1, &handle))
+ {
+ return VAL_STATUS_CONNECTION_FAILED;
+ }
+
+ /* Test invec 1 to 3 are NULL
+ * Invec 1 should be ignored since in_len is 1
+ */
+ psa_invec data1[2] = {{&data[0], sizeof(data[0])},
+ {&data[1], sizeof(data[1])}};
+
+ /* Test outvec 0 as zero length
+ * Test outvec 1 as NULL
+ * Test outvec 2 as valid msg pointer which is not zero length memory pointer
+ */
+ psa_outvec resp[3] = {{&data[0], 0},
+ {NULL, 0},
+ {&data[2], sizeof(data[2])}};
+
+ status = psa->call(handle, data1, 1, resp, 3);
+ if (status < 0)
+ {
+ status = VAL_STATUS_CALL_FAILED;
+ }
+ /* Compare the outvec with expected data */
+ else if (data[2] != data[0])
+ {
+ val->print(PRINT_ERROR, "\tExpected data=%x\n", data[0]);
+ val->print(PRINT_ERROR, "\tBut actual data=%x\n", data[2]);
+ status = VAL_STATUS_WRITE_FAILED;
+ }
+ /* No. of bytes written by psa_write should update the psa_outvec.len param */
+ else if (resp[2].len != sizeof(data[2]))
+ {
+ val->print(PRINT_ERROR, "\tExpected size=%x\n", sizeof(data[2]));
+ val->print(PRINT_ERROR, "\tBut actual size=%x\n", resp[2].len);
+ status = VAL_STATUS_WRITE_FAILED;
+ }
+
+ if (VAL_ERROR(status))
+ {
+ val->print(PRINT_ERROR, "\tpsa_call failed. status=%x\n", status);
+ }
+
+ val->ipc_close(handle);
+ return status;
+}
+
+int32_t client_test_call_read_and_skip(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ int data1[2] = {0xaa, 0xbb};
+ uint64_t data2 = 0x1122334455667788;
+ uint64_t data3 = 0x1020304050607080;
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check3] Test psa_write, psa_read and psa_skip\n", 0);
+
+ if (val->ipc_connect(SERVER_UNSPECIFED_MINOR_V_SID, 1, &handle))
+ {
+ return VAL_STATUS_CONNECTION_FAILED;
+ }
+
+ /* Server test func checks the following:
+ * All iovec as input, out_len=0, inbound read, inbound skip,
+ * outbound read, outbound skip
+ */
+ psa_invec data[4] = {{&data1[0], sizeof(data1[0])},
+ {&data1[1], sizeof(data1[1])},
+ {&data2, sizeof(data2)},
+ {&data3, sizeof(data3)}};
+
+ status = psa->call(handle, data, 4, NULL, 0);
+ if (status < 0)
+ {
+ val->print(PRINT_ERROR, "\tpsa_call failed. status=%x\n",status);
+ status = VAL_STATUS_CALL_FAILED;
+ }
+
+ val->ipc_close(handle);
+ return status;
+}
+
+int32_t client_test_call_and_write(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ int data[4] = {0}, expected_data[4] = {0xaa, 0xbb, 0xcc, 0xeedd}, i;
+ size_t expected_size[] = {sizeof(expected_data[0]),
+ sizeof(expected_data[1]),
+ sizeof(expected_data[2]),
+ 2};
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check4] Test psa_call and psa_write\n", 0);
+
+ if (val->ipc_connect(SERVER_UNSPECIFED_MINOR_V_SID, 1, &handle))
+ {
+ return VAL_STATUS_CONNECTION_FAILED;
+ }
+
+ /* Check all iovec as output */
+ /* Check for in_len=0 */
+ /* check for iovec write using psa_write */
+ /* check for write concatenation */
+ psa_outvec resp[4] = {{&data[0], sizeof(data[0])},
+ {&data[1], sizeof(data[1])},
+ {&data[2], sizeof(data[2])},
+ {&data[3], sizeof(data[3])}};
+
+ status = psa->call(handle, NULL, 0, resp, 4);
+ if (status < 0)
+ {
+ status = VAL_STATUS_CALL_FAILED;
+ }
+
+ for (i = 0; i < 4 ; i++)
+ {
+ if (data[i] != expected_data[i])
+ {
+ val->print(PRINT_ERROR, "\tIteration= %x\n", i);
+ val->print(PRINT_ERROR, "\tExpected data=%x\n", expected_data[i]);
+ val->print(PRINT_ERROR, "\tBut actual data=%x\n", data[i]);
+ status = VAL_STATUS_WRITE_FAILED;
+ }
+ /* No. of bytes written by psa_write should update the psa_outvec.len param */
+ else if (resp[i].len != expected_size[i])
+ {
+ val->print(PRINT_ERROR, "\tIteration= %x\n", i);
+ val->print(PRINT_ERROR, "\tExpected size=%x\n", expected_size[i]);
+ val->print(PRINT_ERROR, "\tBut actual size=%x\n", resp[i].len);
+ status = VAL_STATUS_WRITE_FAILED;
+ }
+ }
+
+ if (VAL_ERROR(status))
+ {
+ val->print(PRINT_ERROR, "\tpsa_call failed. status=%x\n", status);
+ }
+
+ val->ipc_close(handle);
+ return status;
+}
+
+int32_t client_test_psa_set_rhandle(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ int i = 0;
+
+ val->print(PRINT_TEST, "[Check5] Test psa_set_rhandle API\n", 0);
+
+ /*rhandle value check when PSA_IPC_CONNECT */
+ if (val->ipc_connect(SERVER_UNSPECIFED_MINOR_V_SID, 1, &handle))
+ {
+ return VAL_STATUS_CONNECTION_FAILED;
+ }
+
+ for (i = 0; i < 3; i++)
+ {
+ /*i=0: rhandle value check when PSA_IPC_CALL */
+ /*i=1: rhandle value check after calling psa_set_rhandle() */
+ /*i:2: rhandle value check after resetting rhandle to other value */
+ status = psa->call(handle, NULL, 0, NULL, 0);
+ if (status < 0)
+ {
+ val->print(PRINT_ERROR, "psa_call failed. status=%x\n", status);
+ status = VAL_STATUS_CALL_FAILED;
+ break;
+ }
+ }
+
+ /*rhandle value check when PSA_IPC_DISCONNECT */
+ val->ipc_close(handle);
+ return status;
+}
+
+int32_t client_test_overlapping_vectors(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ uint8_t data = 0x11, expected_data[] = {0x22, 0x33};
+
+ val->print(PRINT_TEST, "[Check6] Test overlapping vectors\n", 0);
+
+ if (val->ipc_connect(SERVER_UNSPECIFED_MINOR_V_SID, 1, &handle))
+ {
+ return VAL_STATUS_CONNECTION_FAILED;
+ }
+
+ /* Rule- When client provides an input and output vectors which are referencing
+ * to same memory location, psa_read after psa_write to that memory location
+ * can return original or modified value.
+ *
+ * Rule- When client provides an input and output vectors which are referencing to same
+ * memory location, a psa_write(s) to both memory vectors can return either the 1st
+ * or the 2nd value written.
+ *
+ * Input [0] and output [0,1] vectors have been used to verify these rule.
+ * All of these vectors are pointing to same memory location.
+ */
+
+ psa_invec invec[1] = {{&data, sizeof(data)}};
+ psa_outvec outvec[2] = {{&data, sizeof(data)},
+ {&data, sizeof(data)}};
+
+ status = psa->call(handle, invec, 1, outvec, 2);
+
+ if (status < 0)
+ {
+ status = VAL_STATUS_CALL_FAILED;
+ }
+ /* data should contain either value written by 1st psa_write or 2nd */
+ else if ((data != expected_data[0]) && (data != expected_data[1]))
+ {
+ val->print(PRINT_ERROR, "\tInvalid data received=%x\n", data);
+ status = VAL_STATUS_CALL_FAILED;
+ }
+
+ if (VAL_ERROR(status))
+ {
+ val->print(PRINT_ERROR, "\tpsa_call failed. status=%x\n", status);
+ }
+
+ val->ipc_close(handle);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i003/test_i003.h b/psa-ff/test_suites/ipc/test_i003/test_i003.h
new file mode 100644
index 0000000..4c07808
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i003/test_i003.h
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST003_CLIENT_TESTS_H_
+#define _TEST003_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i003_client_tests_list[];
+
+int32_t client_test_psa_set_rhandle(security_t);
+int32_t client_test_call_read_and_skip(security_t);
+int32_t client_test_call_and_write(security_t);
+int32_t client_test_zero_length_invec(security_t);
+int32_t client_test_zero_length_outvec(security_t);
+int32_t client_test_overlapping_vectors(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i003/test_supp_i003.c b/psa-ff/test_suites/ipc/test_i003/test_supp_i003.c
new file mode 100644
index 0000000..85a4240
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i003/test_supp_i003.c
@@ -0,0 +1,520 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_set_rhandle(void);
+int32_t server_test_call_read_and_skip(void);
+int32_t server_test_call_and_write(void);
+int32_t server_test_zero_length_invec();
+int32_t server_test_zero_length_outvec(void);
+int32_t server_test_overlapping_vectors(void);
+
+server_test_t test_i003_server_tests_list[] = {
+ NULL,
+ server_test_zero_length_invec,
+ server_test_zero_length_outvec,
+ server_test_call_read_and_skip,
+ server_test_call_and_write,
+ server_test_psa_set_rhandle,
+ server_test_overlapping_vectors,
+ NULL,
+};
+
+static void exit_graceful(psa_handle_t msg_handle, int status_code,
+ int print_next_args, int expected_data, int actual_data)
+{
+ psa_msg_t msg={0};
+
+ if (print_next_args != 0)
+ {
+ val_print(PRINT_ERROR, "\tExpected data=%x\n", expected_data);
+ val_print(PRINT_ERROR, "\tActual data=%x\n", actual_data);
+ }
+ /* Negative status_code represents check failure and each check has
+ * uniq status_code to identify failing point
+ */
+ psa_reply(msg_handle, status_code);
+
+ if (val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ {
+ val_print(PRINT_ERROR, "\tdisconnect failed in exit_graceful func\n", 0);
+ }
+ psa_reply(msg.handle, PSA_SUCCESS);
+}
+
+int32_t server_test_zero_length_invec(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ int data[5] = {0}, actual_data = 0x22;
+
+ if (val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return VAL_STATUS_CONNECTION_FAILED;
+ }
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ if (val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ {
+ exit_graceful(msg.handle, -2, 0, 0, 0);
+ return VAL_STATUS_CALL_FAILED;
+ }
+
+ if (((msg.in_size[0] != 0)) ||
+ ((msg.in_size[1] != 0)) ||
+ ((msg.in_size[2] != sizeof(int))) ||
+ ((msg.in_size[3] != 0)))
+ {
+ exit_graceful(msg.handle, -3, 0, 0, 0);
+ return VAL_STATUS_MSG_INSIZE_FAILED;
+ }
+
+ if (psa_read(msg.handle, 2, &data[2], msg.in_size[2]) != msg.in_size[2])
+ {
+ exit_graceful(msg.handle, -4, 0, 0, 0);
+ return VAL_STATUS_READ_FAILED;
+ }
+
+ if (actual_data != data[2])
+ {
+ exit_graceful(msg.handle, -5, 1, data[2], actual_data);
+ return VAL_STATUS_CALL_FAILED;
+ }
+
+ if (((msg.out_size[0] != sizeof(int))) ||
+ ((msg.out_size[1] != 0)) ||
+ ((msg.out_size[2] != 0)) ||
+ ((msg.out_size[3] != 0)))
+ {
+ exit_graceful(msg.handle, -6, 0, 0, 0);
+ return VAL_STATUS_MSG_OUTSIZE_FAILED;
+ }
+
+ psa_write(msg.handle, 0, &data[2], msg.out_size[0]);
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ status = val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return status;
+}
+
+int32_t server_test_zero_length_outvec(void)
+{
+ int32_t status=VAL_STATUS_SUCCESS;
+ psa_msg_t msg={0};
+ int data[5] ={0}, actual_data=0x11;
+
+ if (val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return VAL_STATUS_CONNECTION_FAILED;
+ }
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ if (val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ {
+ exit_graceful(msg.handle, -2, 0, 0, 0);
+ return VAL_STATUS_CALL_FAILED;
+ }
+
+ if (((msg.in_size[0] != sizeof(int))) ||
+ ((msg.in_size[1] != 0)) ||
+ ((msg.in_size[2] != 0)) ||
+ ((msg.in_size[3] != 0)))
+ {
+ exit_graceful(msg.handle, -3, 0, 0, 0);
+ return VAL_STATUS_MSG_INSIZE_FAILED;
+ }
+
+ if (psa_read(msg.handle, 0, &data[0], msg.in_size[0]) != msg.in_size[0])
+ {
+ exit_graceful(msg.handle, -4, 0, 0, 0);
+ return VAL_STATUS_READ_FAILED;
+ }
+
+ if (actual_data != data[0])
+ {
+ exit_graceful(msg.handle, -5, 1, data[2], actual_data);
+ return VAL_STATUS_CALL_FAILED;
+ }
+
+ if (((msg.out_size[0] != 0)) ||
+ ((msg.out_size[1] != 0)) ||
+ ((msg.out_size[2] != sizeof(int))) ||
+ ((msg.out_size[3] != 0)))
+ {
+ exit_graceful(msg.handle, -6, 0, 0, 0);
+ return VAL_STATUS_MSG_OUTSIZE_FAILED;
+ }
+ psa_write(msg.handle, 2, &data[0], msg.out_size[2]);
+
+ /* Dummy write with zero byte. This should not overwrite previously written data */
+ psa_write(msg.handle, 2, &data[0], msg.out_size[0]);
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ status = val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return status;
+}
+
+int32_t server_test_call_read_and_skip(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ int expected_data1[2] = {0xaa, 0xbb};
+ int expected_data2[4] = {0x7788, 0x2233, 0x2211, 0x50607080},
+ actual_data[4] = {0}, i;
+ psa_msg_t msg = {0};
+
+ if (val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return VAL_STATUS_CONNECTION_FAILED;
+ }
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ if (val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ {
+ exit_graceful(msg.handle, -2, 0, 0, 0);
+ return VAL_STATUS_CALL_FAILED;
+ }
+
+ /* msg.in_size should match with the size of psa_invec given to psa_call*/
+ if (((msg.in_size[0] != sizeof(int))) ||
+ ((msg.in_size[1] != sizeof(int))) ||
+ ((msg.in_size[2] != sizeof(uint64_t))) ||
+ ((msg.in_size[3] != sizeof(uint64_t))))
+ {
+ exit_graceful(msg.handle, -3, 0, 0, 0);
+ return VAL_STATUS_MSG_INSIZE_FAILED;
+ }
+
+ /* Full size read for invec 0 and invec 1 */
+ for (i = 0; i < 2 ; i++)
+ {
+ if (psa_read(msg.handle, i, &actual_data[i], msg.in_size[i]) != msg.in_size[i])
+ {
+ exit_graceful(msg.handle, -4, 0, 0, 0);
+ return VAL_STATUS_READ_FAILED;
+ }
+ if (actual_data[i] != expected_data1[i])
+ {
+ exit_graceful(msg.handle, -5, 1, expected_data1[i], actual_data[i]);
+ return VAL_STATUS_READ_FAILED;
+ }
+ }
+
+ /* Inbound read of 2 bytes from invec 2 */
+ if (psa_read(msg.handle, 2, &actual_data[0], 2) != 2)
+ {
+ exit_graceful(msg.handle, -6, 0, 0, 0);
+ return VAL_STATUS_READ_FAILED;
+ }
+ if (actual_data[0] != expected_data2[0])
+ {
+ exit_graceful(msg.handle, -7, 1, expected_data2[0], actual_data[0]);
+ return VAL_STATUS_READ_FAILED;
+ }
+
+ /* Inbound read of 3 bytes from invec 2 */
+ if (psa_skip(msg.handle, 2, 3) != 3)
+ {
+ exit_graceful(msg.handle, -8, 0, 0, 0);
+ return VAL_STATUS_SKIP_FAILED;
+ }
+
+ /* Check previous psa_skip has actually skipped 3 bytes */
+ if (psa_read(msg.handle, 2, &actual_data[0], 2) != 2)
+ {
+ exit_graceful(msg.handle, -9, 0, 0, 0);
+ return VAL_STATUS_READ_FAILED;
+ }
+
+ if (actual_data[0] != expected_data2[1])
+ {
+ exit_graceful(msg.handle, -10, 1, expected_data2[1], actual_data[0]);
+ return VAL_STATUS_READ_FAILED;
+ }
+
+ /* Outbound read of 3 bytes from invec 2
+ * Only one byte should be updated in buffer. Remaining space should be untouched
+ */
+ if (psa_read(msg.handle, 2, &actual_data[0], 3) != 1)
+ {
+ exit_graceful(msg.handle, -11, 0, 0, 0);
+ return VAL_STATUS_READ_FAILED;
+ }
+
+ if (actual_data[0] != expected_data2[2])
+ {
+ exit_graceful(msg.handle, -12, 1, expected_data2[2], actual_data[0]);
+ return VAL_STATUS_READ_FAILED;
+ }
+
+ actual_data[0] = 0xaa;
+
+ /* After outbound read, subsequent read or skip to invec 2 should return 0
+ * and memory buffer shouldn't be updated
+ */
+ if ((psa_read(msg.handle, 2, &actual_data[0], 3) != 0) ||
+ (psa_skip(msg.handle, 2, 3) != 0) || (actual_data[0] != 0xaa))
+ {
+ exit_graceful(msg.handle, -13, 0, 0, 0);
+ return VAL_STATUS_READ_FAILED;
+ }
+
+ /* Read of zero bytes should not read anything */
+ if ((psa_read(msg.handle, 3, &actual_data[0], 0) != 0) || (actual_data[0] != 0xaa))
+ {
+ exit_graceful(msg.handle, -14, 0, 0, 0);
+ return VAL_STATUS_READ_FAILED;
+ }
+
+ /* Skip of zero bytes should not skip anything */
+ if (psa_skip(msg.handle, 3, 0) != 0)
+ {
+ exit_graceful(msg.handle, -15, 0, 0, 0);
+ return VAL_STATUS_SKIP_FAILED;
+ }
+
+ /* Check effect of previous zero byte read and skip */
+ psa_read(msg.handle, 3, &actual_data[0], 4);
+ if (actual_data[0] != expected_data2[3])
+ {
+ exit_graceful(msg.handle, -16, 1, expected_data2[3], actual_data[0]);
+ return VAL_STATUS_READ_FAILED;
+ }
+
+ /* Outbound skip to invec 3 */
+ if (psa_skip(msg.handle, 3, 5) != 4)
+ {
+ exit_graceful(msg.handle, -17, 0, 0, 0);
+ return VAL_STATUS_SKIP_FAILED;
+ }
+ if (psa_skip(msg.handle, 3, 5) != 0)
+ {
+ exit_graceful(msg.handle, -18, 0, 0, 0);
+ return VAL_STATUS_SKIP_FAILED;
+ }
+
+ /* Since out_len is 0, msg.out_size should be 0 */
+ if ((msg.out_size[0] != 0) ||
+ (msg.out_size[1] != 0) ||
+ (msg.out_size[2] != 0) ||
+ (msg.out_size[3] != 0))
+ {
+ exit_graceful(msg.handle, -14, 0, 0, 0);
+ return VAL_STATUS_MSG_OUTSIZE_FAILED;
+ }
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ status = val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return status;
+}
+
+int32_t server_test_call_and_write(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ int data[5] = {0xaa, 0xbb, 0xcc, 0xdd, 0xee}, i;
+ psa_msg_t msg = {0};
+
+ if (val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return VAL_STATUS_CONNECTION_FAILED;
+ }
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ if (val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ {
+ exit_graceful(msg.handle, -2, 0, 0, 0);
+ return VAL_STATUS_CALL_FAILED;
+ }
+
+ /* msg.out_size should match with size of psa_outvec given to psa_call */
+ if (((msg.out_size[0] != sizeof(int))) ||
+ ((msg.out_size[1] != sizeof(int))) ||
+ ((msg.out_size[2] != sizeof(int))) ||
+ ((msg.out_size[3] != sizeof(int))))
+ {
+ exit_graceful(msg.handle, -3, 0, 0, 0);
+ return VAL_STATUS_MSG_OUTSIZE_FAILED;
+ }
+
+ /* Since in_len=0, all msg.in_size should be 0 */
+ if ((msg.in_size[0] != 0) ||
+ (msg.in_size[1] != 0) ||
+ (msg.in_size[2] != 0) ||
+ (msg.in_size[3] != 0))
+
+ {
+ exit_graceful(msg.handle, -4, 0, 0, 0);
+ return VAL_STATUS_MSG_INSIZE_FAILED;
+ }
+
+ for (i = 0; i < 3 ; i++)
+ {
+ psa_write(msg.handle, i, &data[i], msg.out_size[i]);
+ }
+
+ /* Zero byte write shouldn't have any effect */
+ psa_write(msg.handle, 3, &data[3], 0);
+
+ /*Using invec 3 to test write concatenation behaviour */
+ psa_write(msg.handle, 3, &data[3], 1);
+ psa_write(msg.handle, 3, &data[4], 1);
+
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ status = val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return status;
+}
+
+int32_t server_test_psa_set_rhandle(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ int *num = NULL;
+
+ /*rhandle value check when PSA_IPC_CONNECT */
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (msg.rhandle != NULL)
+ {
+ status = VAL_STATUS_INVALID_HANDLE;
+ }
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+
+ /*rhandle value check when PSA_IPC_CALL */
+ status = val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (msg.rhandle != NULL)
+ {
+ status = VAL_STATUS_INVALID_HANDLE;
+ }
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ exit_graceful(msg.handle, -2, 0, 0, 0);
+ return status;
+ }
+
+ /*set rhandle */
+ *num = 5;
+ psa_set_rhandle(msg.handle, num);
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ status = val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (msg.rhandle != num)
+ {
+ status = VAL_STATUS_INVALID_HANDLE;
+ }
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ exit_graceful(msg.handle, -3, 0, 0, 0);
+ return status;
+ }
+
+ /*set rhandle other than previous value to see effect of
+ * updated value in next msg delivery. Next msg should
+ * return the updated value.
+ */
+ *num = 10;
+ psa_set_rhandle(msg.handle, num);
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ status = val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (msg.rhandle != num)
+ {
+ status = VAL_STATUS_INVALID_HANDLE;
+ }
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(204), status))
+ {
+ exit_graceful(msg.handle, -4, 0, 0, 0);
+ return status;
+ }
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ /* rhandle should retain the value at PSA_IPC_DISCONNECT too */
+ status = val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (msg.rhandle != num)
+ {
+ status = VAL_STATUS_INVALID_HANDLE;
+ }
+ val_err_check_set(TEST_CHECKPOINT_NUM(205), status);
+
+ /*Setting the rhandle for a connection during disconnection has no observable effect*/
+ *num = 15;
+ psa_set_rhandle(msg.handle, num);
+
+ /* Sanity check - previous call shouldn't hang */
+ val_err_check_set(TEST_CHECKPOINT_NUM(206), status);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return status;
+}
+
+int32_t server_test_overlapping_vectors(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ uint8_t wr_data[] = {0x22, 0x33},
+ rd_data[] = {0x0, 0x0},
+ expected_data[] = {0x11, 0x22};
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(207), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ status = val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(208), status))
+ {
+ exit_graceful(msg.handle, -1, 0, 0, 0);
+ return status;
+ }
+
+ /* Performing read after write to overlapping vector. */
+ psa_write(msg.handle, 0, &wr_data[0], 1);
+ psa_read(msg.handle, 0, &rd_data[0], 1);
+
+ /* rd_data[0] should either be original value or modified value */
+ if ((rd_data[0] != expected_data[0]) && (rd_data[0] != expected_data[1]))
+ {
+ val_print(PRINT_ERROR, "\tReceived invalid data=%x\n", rd_data[0]);
+ exit_graceful(msg.handle, -2, 0, 0, 0);
+ return status;
+ }
+
+ /* Performing write after write to overlapping vector. */
+ psa_write(msg.handle, 1, &wr_data[1], 1);
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ status = val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ val_err_check_set(TEST_CHECKPOINT_NUM(209), status);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i004/source.mk b/psa-ff/test_suites/ipc/test_i004/source.mk
new file mode 100644
index 0000000..515add7
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i004/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i004.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i004/test_entry.c b/psa-ff/test_suites/ipc/test_i004/test_entry.c
new file mode 100644
index 0000000..991770a
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i004/test_entry.c
@@ -0,0 +1,59 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i004.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 4)
+#define TEST_DESC "Testing psa_connect with invalid sid\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i004_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+ /* Switch to secure side (client_partition.c) and execute list of tests available in
+ test[num]_client_tests_list from Secure side */
+ status = val->switch_to_secure_client(TEST_NUM);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i004/test_i004.c b/psa-ff/test_suites/ipc/test_i004/test_i004.c
new file mode 100644
index 0000000..1e94d47
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i004/test_i004.c
@@ -0,0 +1,79 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i004.h"
+
+client_test_t test_i004_client_tests_list[] = {
+ NULL,
+ client_test_sid_does_not_exists,
+ NULL,
+};
+
+int32_t client_test_sid_does_not_exists(security_t caller)
+{
+ psa_handle_t handle = 0;
+ boot_state_t boot_state;
+
+ val->print(PRINT_TEST, "[Check1] psa_connect with invalid sid \n", 0);
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ /* Setting boot.state before test check */
+ boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ if (val->set_boot_flag(boot_state))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Test check - psa_connect with INVALID_SID, call must not return */
+ handle = psa->connect(INVALID_SID, 1);
+
+ /* Control shouldn't have reached here */
+ val->print(PRINT_ERROR, "\tpsa_connect with invalid sid should have failed but succeeded\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ if (handle > 0)
+ {
+ psa->close(handle);
+ }
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/psa-ff/test_suites/ipc/test_i004/test_i004.h b/psa-ff/test_suites/ipc/test_i004/test_i004.h
new file mode 100644
index 0000000..80d0456
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i004/test_i004.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST004_CLIENT_TESTS_H_
+#define _TEST004_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i004_client_tests_list[];
+
+int32_t client_test_sid_does_not_exists(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i004/test_supp_i004.c b/psa-ff/test_suites/ipc/test_i004/test_supp_i004.c
new file mode 100644
index 0000000..8d1abd2
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i004/test_supp_i004.c
@@ -0,0 +1,33 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_sid_does_not_exists();
+
+server_test_t test_i004_server_tests_list[] = {
+ NULL,
+ server_test_sid_does_not_exists,
+ NULL,
+};
+
+int32_t server_test_sid_does_not_exists()
+{
+ val_err_check_set(TEST_CHECKPOINT_NUM(201), VAL_STATUS_SUCCESS);
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/psa-ff/test_suites/ipc/test_i005/source.mk b/psa-ff/test_suites/ipc/test_i005/source.mk
new file mode 100644
index 0000000..08441c7
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i005/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i005.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i005/test_entry.c b/psa-ff/test_suites/ipc/test_i005/test_entry.c
new file mode 100644
index 0000000..e0e2295
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i005/test_entry.c
@@ -0,0 +1,59 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i005.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 5)
+#define TEST_DESC "Testing STRICT policy with higher minor version\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i005_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+ /* Switch to secure side (client_partition.c) and execute list of tests available in
+ test[num]_client_tests_list from Secure side */
+ status = val->switch_to_secure_client(TEST_NUM);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i005/test_i005.c b/psa-ff/test_suites/ipc/test_i005/test_i005.c
new file mode 100644
index 0000000..38b8536
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i005/test_i005.c
@@ -0,0 +1,79 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i005.h"
+
+client_test_t test_i005_client_tests_list[] = {
+ NULL,
+ client_test_strict_policy_higher_minor_version,
+ NULL,
+};
+
+int32_t client_test_strict_policy_higher_minor_version(security_t caller)
+{
+ psa_handle_t handle = 0;
+ boot_state_t boot_state;
+
+ val->print(PRINT_TEST, "[Check1] Test STRICT policy with higher minor version\n", 0);
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ /* Setting boot.state before test check */
+ boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ if (val->set_boot_flag(boot_state))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Test check- Version policy is strict and requested version is bigger than
+ * the minimum version.
+ */
+ handle = psa->connect(SERVER_STRICT_MINOR_VERSION_SID, 3);
+
+ /* Shouldn't have reached here */
+ val->print(PRINT_ERROR,
+ "\tSTRICT policy with higher minor version should have failed but succeeded\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ (void)(handle);
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/psa-ff/test_suites/ipc/test_i005/test_i005.h b/psa-ff/test_suites/ipc/test_i005/test_i005.h
new file mode 100644
index 0000000..c9d1353
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i005/test_i005.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST005_CLIENT_TESTS_H_
+#define _TEST005_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i005_client_tests_list[];
+
+int32_t client_test_strict_policy_higher_minor_version(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i005/test_supp_i005.c b/psa-ff/test_suites/ipc/test_i005/test_supp_i005.c
new file mode 100644
index 0000000..b50c548
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i005/test_supp_i005.c
@@ -0,0 +1,44 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_strict_policy_higher_minor_version(void);
+
+server_test_t test_i005_server_tests_list[] = {
+ NULL,
+ server_test_strict_policy_higher_minor_version,
+ NULL,
+};
+
+int32_t server_test_strict_policy_higher_minor_version(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ val_err_check_set(TEST_CHECKPOINT_NUM(201), status);
+ status = val_process_connect_request(SERVER_STRICT_MINOR_VERSION_SIG, &msg);
+
+ /* Shouldn't have reached here */
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ return VAL_STATUS_INVALID;
+ }
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return VAL_STATUS_INVALID;
+}
diff --git a/psa-ff/test_suites/ipc/test_i006/source.mk b/psa-ff/test_suites/ipc/test_i006/source.mk
new file mode 100644
index 0000000..51a2ebf
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i006/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i006.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i006/test_entry.c b/psa-ff/test_suites/ipc/test_i006/test_entry.c
new file mode 100644
index 0000000..2c83556
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i006/test_entry.c
@@ -0,0 +1,59 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i006.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 6)
+#define TEST_DESC "Testing STRICT policy with lower minor version\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i006_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+ /* Switch to secure side (client_partition.c) and execute list of tests available in
+ test[num]_client_tests_list from Secure side */
+ status = val->switch_to_secure_client(TEST_NUM);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i006/test_i006.c b/psa-ff/test_suites/ipc/test_i006/test_i006.c
new file mode 100644
index 0000000..3c896a9
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i006/test_i006.c
@@ -0,0 +1,77 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i006.h"
+
+client_test_t test_i006_client_tests_list[] = {
+ NULL,
+ client_test_strict_policy_lower_minor_version,
+ NULL,
+};
+
+int32_t client_test_strict_policy_lower_minor_version(security_t caller)
+{
+ psa_handle_t handle = 0;
+ boot_state_t boot_state;
+
+ val->print(PRINT_TEST, "[Check1] Test STRICT policy with lower minor version\n", 0);
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ /* Setting boot.state before test check */
+ boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ if (val->set_boot_flag(boot_state))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /*Version policy is strict and requested version is smaller than the minimum version */
+ handle = psa->connect(SERVER_STRICT_MINOR_VERSION_SID, 1);
+
+ /* Shouldn't have reached here */
+ val->print(PRINT_ERROR,
+ "\tSTRICT policy with lower minor version should have failed but succeeded\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ (void)(handle);
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/psa-ff/test_suites/ipc/test_i006/test_i006.h b/psa-ff/test_suites/ipc/test_i006/test_i006.h
new file mode 100644
index 0000000..2d0ed6d
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i006/test_i006.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST006_CLIENT_TESTS_H_
+#define _TEST006_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i006_client_tests_list[];
+
+int32_t client_test_strict_policy_lower_minor_version(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i006/test_supp_i006.c b/psa-ff/test_suites/ipc/test_i006/test_supp_i006.c
new file mode 100644
index 0000000..b1cd95e
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i006/test_supp_i006.c
@@ -0,0 +1,44 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_strict_policy_lower_minor_version(void);
+
+server_test_t test_i006_server_tests_list[] = {
+ NULL,
+ server_test_strict_policy_lower_minor_version,
+ NULL,
+};
+
+int32_t server_test_strict_policy_lower_minor_version(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ val_err_check_set(TEST_CHECKPOINT_NUM(201), status);
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+
+ /* Shouldn't have reached here */
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ return VAL_STATUS_INVALID;
+ }
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return VAL_STATUS_INVALID;
+}
diff --git a/psa-ff/test_suites/ipc/test_i007/source.mk b/psa-ff/test_suites/ipc/test_i007/source.mk
new file mode 100644
index 0000000..ebe0ae4
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i007/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i007.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i007/test_entry.c b/psa-ff/test_suites/ipc/test_i007/test_entry.c
new file mode 100644
index 0000000..ddfe3cd
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i007/test_entry.c
@@ -0,0 +1,59 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i007.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 7)
+#define TEST_DESC "Testing RELAX policy with higher minor version\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i007_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+ /* Switch to secure side (client_partition.c) and execute list of tests available in
+ test[num]_client_tests_list from Secure side */
+ status = val->switch_to_secure_client(TEST_NUM);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i007/test_i007.c b/psa-ff/test_suites/ipc/test_i007/test_i007.c
new file mode 100644
index 0000000..dfea14c
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i007/test_i007.c
@@ -0,0 +1,77 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i007.h"
+
+client_test_t test_i007_client_tests_list[] = {
+ NULL,
+ client_test_relax_policy_higher_minor_version,
+ NULL,
+};
+
+int32_t client_test_relax_policy_higher_minor_version(security_t caller)
+{
+ psa_handle_t handle = 0;
+ boot_state_t boot_state;
+
+ val->print(PRINT_TEST, "[Check1] Test RELAX policy with higher minor version\n", 0);
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ /* Setting boot.state before test check */
+ boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ if (val->set_boot_flag(boot_state))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /*Version policy is relaxed and requested version is higher than the minimum version */
+ handle = psa->connect(SERVER_RELAX_MINOR_VERSION_SID, 3);
+
+ /* Shouldn't have reached here */
+ val->print(PRINT_ERROR,
+ "\tRELAXED policy with higher minor version should have failed but succeeded\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ (void)(handle);
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/psa-ff/test_suites/ipc/test_i007/test_i007.h b/psa-ff/test_suites/ipc/test_i007/test_i007.h
new file mode 100644
index 0000000..0f2c691
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i007/test_i007.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST007_CLIENT_TESTS_H_
+#define _TEST007_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i007_client_tests_list[];
+
+int32_t client_test_relax_policy_higher_minor_version(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i007/test_supp_i007.c b/psa-ff/test_suites/ipc/test_i007/test_supp_i007.c
new file mode 100644
index 0000000..dd703f2
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i007/test_supp_i007.c
@@ -0,0 +1,44 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_relax_policy_higher_minor_version(void);
+
+server_test_t test_i007_server_tests_list[] = {
+ NULL,
+ server_test_relax_policy_higher_minor_version,
+ NULL,
+};
+
+int32_t server_test_relax_policy_higher_minor_version(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ val_err_check_set(TEST_CHECKPOINT_NUM(201), status);
+ status = val_process_connect_request(SERVER_RELAX_MINOR_VERSION_SIG, &msg);
+
+ /* Shouldn't have reached here */
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ return VAL_STATUS_INVALID;
+ }
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return VAL_STATUS_INVALID;
+}
diff --git a/psa-ff/test_suites/ipc/test_i008/source.mk b/psa-ff/test_suites/ipc/test_i008/source.mk
new file mode 100644
index 0000000..7b408ff
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i008/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i008.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i008/test_entry.c b/psa-ff/test_suites/ipc/test_i008/test_entry.c
new file mode 100644
index 0000000..9a9162a
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i008/test_entry.c
@@ -0,0 +1,59 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i008.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 8)
+#define TEST_DESC "Testing secure access only connection\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i008_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+ /* Switch to secure side (client_partition.c) and execute list of tests available in
+ test[num]_client_tests_list from Secure side */
+ status = val->switch_to_secure_client(TEST_NUM);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i008/test_i008.c b/psa-ff/test_suites/ipc/test_i008/test_i008.c
new file mode 100644
index 0000000..decdf38
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i008/test_i008.c
@@ -0,0 +1,93 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i008.h"
+
+client_test_t test_i008_client_tests_list[] = {
+ NULL,
+ client_test_secure_access_only_connection,
+ NULL,
+};
+
+int32_t client_test_secure_access_only_connection(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check1] Test secure access only connection\n", 0);
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ /* Setting boot.state before test check for NS*/
+ if(caller == NONSECURE)
+ {
+ status = val->set_boot_flag(BOOT_EXPECTED_NS);
+ }
+ if(VAL_ERROR(status))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return status;
+ }
+ /* Below psa_connect should not return for call from nspe and
+ * should succeed for call from spe
+ */
+ handle = psa->connect(SERVER_SECURE_CONNECT_ONLY_SID, 1);
+
+ if(caller == NONSECURE)
+ {
+ /* Shouldn't have reached here for NS run*/
+ val->print(PRINT_ERROR, "\tSecure access only connection test failed for NS run\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+ status = VAL_STATUS_SPM_FAILED;
+ }
+
+ /* Should return positive handle for SPE connection */
+ if(handle > 0)
+ {
+ psa->close(handle);
+ }
+ else
+ {
+ val->print(PRINT_ERROR, "\tSecure access only connection failed\n", 0);
+ status = VAL_STATUS_SPM_FAILED;
+ }
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i008/test_i008.h b/psa-ff/test_suites/ipc/test_i008/test_i008.h
new file mode 100644
index 0000000..7eb7737
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i008/test_i008.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST008_CLIENT_TESTS_H_
+#define _TEST008_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i008_client_tests_list[];
+
+int32_t client_test_secure_access_only_connection(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i008/test_supp_i008.c b/psa-ff/test_suites/ipc/test_i008/test_supp_i008.c
new file mode 100644
index 0000000..711621e
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i008/test_supp_i008.c
@@ -0,0 +1,50 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_secure_access_only_connection(void);
+
+server_test_t test_i008_server_tests_list[] = {
+ NULL,
+ server_test_secure_access_only_connection,
+ NULL,
+};
+
+int32_t server_test_secure_access_only_connection(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ val_err_check_set(TEST_CHECKPOINT_NUM(201), status);
+ status = val_process_connect_request(SERVER_SECURE_CONNECT_ONLY_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ status = val_process_disconnect_request(SERVER_SECURE_CONNECT_ONLY_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ return status;
+ }
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i009/source.mk b/psa-ff/test_suites/ipc/test_i009/source.mk
new file mode 100644
index 0000000..0607651
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i009/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i009.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i009/test_entry.c b/psa-ff/test_suites/ipc/test_i009/test_entry.c
new file mode 100644
index 0000000..992e9e2
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i009/test_entry.c
@@ -0,0 +1,52 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i009.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 9)
+#define TEST_DESC "Testing unextern SID connection\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Switch to secure side (client_partition.c) and execute list of tests available in
+ test[num]_client_tests_list from Secure side */
+ status = val->switch_to_secure_client(TEST_NUM);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i009/test_i009.c b/psa-ff/test_suites/ipc/test_i009/test_i009.c
new file mode 100644
index 0000000..fde8cf3
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i009/test_i009.c
@@ -0,0 +1,73 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i009.h"
+
+client_test_t test_i009_client_tests_list[] = {
+ NULL,
+ client_test_unextern_sid_connection,
+ NULL,
+};
+
+int32_t client_test_unextern_sid_connection(security_t caller)
+{
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check1] Test unextern SID connection\n", 0);
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ /* Setting boot.state before test check */
+ if (val->set_boot_flag(BOOT_EXPECTED_S))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ handle = psa->connect(SERVER_UNEXTERN_SID, 2);
+
+ /* Shouldn't have reached here */
+ val->print(PRINT_ERROR, "\tunextern SID connection should have failed but successed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ (void)(handle);
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/psa-ff/test_suites/ipc/test_i009/test_i009.h b/psa-ff/test_suites/ipc/test_i009/test_i009.h
new file mode 100644
index 0000000..85f7396
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i009/test_i009.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST009_CLIENT_TESTS_H_
+#define _TEST009_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i009_client_tests_list[];
+
+int32_t client_test_unextern_sid_connection(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i009/test_supp_i009.c b/psa-ff/test_suites/ipc/test_i009/test_supp_i009.c
new file mode 100644
index 0000000..864f39b
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i009/test_supp_i009.c
@@ -0,0 +1,44 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_unextern_sid_connection(void);
+
+server_test_t test_i009_server_tests_list[] = {
+ NULL,
+ server_test_unextern_sid_connection,
+ NULL,
+};
+
+int32_t server_test_unextern_sid_connection(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ val_err_check_set(TEST_CHECKPOINT_NUM(201), status);
+ status = val_process_connect_request(SERVER_UNEXTERN_SIG, &msg);
+
+ /* Shouldn't have reached here */
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ return VAL_STATUS_INVALID;
+ }
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return VAL_STATUS_INVALID;
+}
diff --git a/psa-ff/test_suites/ipc/test_i010/source.mk b/psa-ff/test_suites/ipc/test_i010/source.mk
new file mode 100644
index 0000000..6986b18
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i010/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i010.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i010/test_entry.c b/psa-ff/test_suites/ipc/test_i010/test_entry.c
new file mode 100644
index 0000000..fa42b05
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i010/test_entry.c
@@ -0,0 +1,59 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i010.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 10)
+#define TEST_DESC "Testing un-specified minor_policy with higher minor version\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i010_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+ /* Switch to secure side (client_partition.c) and execute list of tests available in
+ test[num]_client_tests_list from Secure side */
+ status = val->switch_to_secure_client(TEST_NUM);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i010/test_i010.c b/psa-ff/test_suites/ipc/test_i010/test_i010.c
new file mode 100644
index 0000000..9a3241f
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i010/test_i010.c
@@ -0,0 +1,77 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i010.h"
+
+client_test_t test_i010_client_tests_list[] = {
+ NULL,
+ client_test_unspecified_policy_with_higher_minor_ver,
+ NULL,
+};
+
+int32_t client_test_unspecified_policy_with_higher_minor_ver(security_t caller)
+{
+ psa_handle_t handle = 0;
+ boot_state_t boot_state;
+
+ val->print(PRINT_TEST,
+ "[Check1] Test un-specified minor_policy with higher minor version\n", 0);
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ /* Setting boot.state before test check */
+ boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ if (val->set_boot_flag(boot_state))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 3);
+
+ /* Shouldn't have reached here */
+ val->print(PRINT_ERROR,
+ "\tun-specified policy with higher minor version should have failed but succeeded\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ (void)(handle);
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/psa-ff/test_suites/ipc/test_i010/test_i010.h b/psa-ff/test_suites/ipc/test_i010/test_i010.h
new file mode 100644
index 0000000..89aaa91
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i010/test_i010.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST010_CLIENT_TESTS_H_
+#define _TEST010_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i010_client_tests_list[];
+
+int32_t client_test_unspecified_policy_with_higher_minor_ver(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i010/test_supp_i010.c b/psa-ff/test_suites/ipc/test_i010/test_supp_i010.c
new file mode 100644
index 0000000..406760c
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i010/test_supp_i010.c
@@ -0,0 +1,44 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_unspecified_policy_with_higher_minor_ver(void);
+
+server_test_t test_i010_server_tests_list[] = {
+ NULL,
+ server_test_unspecified_policy_with_higher_minor_ver,
+ NULL,
+};
+
+int32_t server_test_unspecified_policy_with_higher_minor_ver(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ val_err_check_set(TEST_CHECKPOINT_NUM(201), status);
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+
+ /* Shouldn't have reached here */
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ return VAL_STATUS_INVALID;
+ }
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return VAL_STATUS_INVALID;
+}
diff --git a/psa-ff/test_suites/ipc/test_i011/source.mk b/psa-ff/test_suites/ipc/test_i011/source.mk
new file mode 100644
index 0000000..692cc78
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i011/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i011.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i011/test_entry.c b/psa-ff/test_suites/ipc/test_i011/test_entry.c
new file mode 100644
index 0000000..ef4b6f5
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i011/test_entry.c
@@ -0,0 +1,59 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i011.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 11)
+#define TEST_DESC "Testing un-specified minor_policy with lower minor version\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i011_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+ /* Switch to secure side (client_partition.c) and execute list of tests available in
+ test[num]_client_tests_list from Secure side */
+ status = val->switch_to_secure_client(TEST_NUM);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i011/test_i011.c b/psa-ff/test_suites/ipc/test_i011/test_i011.c
new file mode 100644
index 0000000..e15d869
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i011/test_i011.c
@@ -0,0 +1,77 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i011.h"
+
+client_test_t test_i011_client_tests_list[] = {
+ NULL,
+ client_test_unspecified_policy_with_lower_minor_ver,
+ NULL,
+};
+
+int32_t client_test_unspecified_policy_with_lower_minor_ver(security_t caller)
+{
+ psa_handle_t handle = 0;
+ boot_state_t boot_state;
+
+ val->print(PRINT_TEST,
+ "[Check1] Test un-specified minor_policy with higher minor version\n", 0);
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ /* Setting boot.state before test check */
+ boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ if (val->set_boot_flag(boot_state))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 0);
+
+ /* Shouldn't have reached here */
+ val->print(PRINT_ERROR,
+ "\tun-specified policy with lower minor version should have failed but succeeded\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ (void)(handle);
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/psa-ff/test_suites/ipc/test_i011/test_i011.h b/psa-ff/test_suites/ipc/test_i011/test_i011.h
new file mode 100644
index 0000000..b3ef30f
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i011/test_i011.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST011_CLIENT_TESTS_H_
+#define _TEST011_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i011_client_tests_list[];
+
+int32_t client_test_unspecified_policy_with_lower_minor_ver(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i011/test_supp_i011.c b/psa-ff/test_suites/ipc/test_i011/test_supp_i011.c
new file mode 100644
index 0000000..a4a5e21
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i011/test_supp_i011.c
@@ -0,0 +1,44 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_unspecified_policy_with_lower_minor_ver(void);
+
+server_test_t test_i011_server_tests_list[] = {
+ NULL,
+ server_test_unspecified_policy_with_lower_minor_ver,
+ NULL,
+};
+
+int32_t server_test_unspecified_policy_with_lower_minor_ver(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ val_err_check_set(TEST_CHECKPOINT_NUM(201), status);
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+
+ /* Shouldn't have reached here */
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ return VAL_STATUS_INVALID;
+ }
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return VAL_STATUS_INVALID;
+}
diff --git a/psa-ff/test_suites/ipc/test_i012/source.mk b/psa-ff/test_suites/ipc/test_i012/source.mk
new file mode 100644
index 0000000..16f861b
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i012/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i012.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i012/test_entry.c b/psa-ff/test_suites/ipc/test_i012/test_entry.c
new file mode 100644
index 0000000..c319510
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i012/test_entry.c
@@ -0,0 +1,59 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i012.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 12)
+#define TEST_DESC "Testing psa_close with invalid handle\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i012_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+ /* Switch to secure side (client_partition.c) and execute list of tests available in
+ test[num]_client_tests_list from Secure side */
+ status = val->switch_to_secure_client(TEST_NUM);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i012/test_i012.c b/psa-ff/test_suites/ipc/test_i012/test_i012.c
new file mode 100644
index 0000000..7fe6a83
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i012/test_i012.c
@@ -0,0 +1,74 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i012.h"
+
+client_test_t test_i012_client_tests_list[] = {
+ NULL,
+ client_test_psa_close_with_invalid_handle,
+ NULL,
+};
+
+int32_t client_test_psa_close_with_invalid_handle(security_t caller)
+{
+ boot_state_t boot_state;
+
+ val->print(PRINT_TEST, "[Check1] Test psa_close with invalid handle\n", 0);
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ /* Setting boot.state before test check */
+ boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ if (val->set_boot_flag(boot_state))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* psa_close() with invalid handle */
+ psa->close(INVALID_HANDLE);
+
+ /* Shouldn't have reached here */
+ val->print(PRINT_ERROR, "\tpsa_close(invalid_handle) should have failed but succeeded\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/psa-ff/test_suites/ipc/test_i012/test_i012.h b/psa-ff/test_suites/ipc/test_i012/test_i012.h
new file mode 100644
index 0000000..b1f93f5
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i012/test_i012.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST012_CLIENT_TESTS_H_
+#define _TEST012_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i012_client_tests_list[];
+
+int32_t client_test_psa_close_with_invalid_handle(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i012/test_supp_i012.c b/psa-ff/test_suites/ipc/test_i012/test_supp_i012.c
new file mode 100644
index 0000000..104552c
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i012/test_supp_i012.c
@@ -0,0 +1,33 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_close_with_invalid_handle(void);
+
+server_test_t test_i012_server_tests_list[] = {
+ NULL,
+ server_test_psa_close_with_invalid_handle,
+ NULL,
+};
+
+int32_t server_test_psa_close_with_invalid_handle(void)
+{
+ val_err_check_set(TEST_CHECKPOINT_NUM(201), VAL_STATUS_SUCCESS);
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/psa-ff/test_suites/ipc/test_i013/source.mk b/psa-ff/test_suites/ipc/test_i013/source.mk
new file mode 100644
index 0000000..c55c682
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i013/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i013.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i013/test_entry.c b/psa-ff/test_suites/ipc/test_i013/test_entry.c
new file mode 100644
index 0000000..9a8620b
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i013/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i013.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 13)
+#define TEST_DESC "Testing psa_get with multiple signals\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i013_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i013/test_i013.c b/psa-ff/test_suites/ipc/test_i013/test_i013.c
new file mode 100644
index 0000000..ac9752a
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i013/test_i013.c
@@ -0,0 +1,47 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i013.h"
+
+client_test_t test_i013_client_tests_list[] = {
+ NULL,
+ client_test_psa_get_with_more_than_one_signal,
+ NULL,
+};
+
+int32_t client_test_psa_get_with_more_than_one_signal(security_t caller)
+{
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check1] Test psa_get with multiple signals\n", 0);
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tConnection should failed but successed\n", 0);
+
+ (void)(handle);
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/psa-ff/test_suites/ipc/test_i013/test_i013.h b/psa-ff/test_suites/ipc/test_i013/test_i013.h
new file mode 100644
index 0000000..54ddf79
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i013/test_i013.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST013_CLIENT_TESTS_H_
+#define _TEST013_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i013_client_tests_list[];
+
+int32_t client_test_psa_get_with_more_than_one_signal(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i013/test_supp_i013.c b/psa-ff/test_suites/ipc/test_i013/test_supp_i013.c
new file mode 100644
index 0000000..f4e3f40
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i013/test_supp_i013.c
@@ -0,0 +1,77 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_get_with_more_than_one_signal(void);
+
+server_test_t test_i013_server_tests_list[] = {
+ NULL,
+ server_test_psa_get_with_more_than_one_signal,
+ NULL,
+};
+
+int32_t server_test_psa_get_with_more_than_one_signal(void)
+{
+ psa_msg_t msg = {0};
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ if ((psa_wait_any(PSA_BLOCK)) & SERVER_UNSPECIFED_MINOR_V_SIG)
+ {
+ /* Setting boot.state before test check */
+ if (val_set_boot_flag(BOOT_EXPECTED_NS))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ /* Unblock client */
+ if (psa_get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg) != PSA_SUCCESS)
+ {
+ val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ }
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* multiple signals check */
+ psa_get((SERVER_UNSPECIFED_MINOR_V_SIG | SERVER_RELAX_MINOR_VERSION_SID), &msg);
+
+ /* shouldn't have reached here */
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ val_err_check_set(TEST_CHECKPOINT_NUM(203), status);
+
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i014/source.mk b/psa-ff/test_suites/ipc/test_i014/source.mk
new file mode 100644
index 0000000..ba29e7d
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i014/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i014.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i014/test_entry.c b/psa-ff/test_suites/ipc/test_i014/test_entry.c
new file mode 100644
index 0000000..0ad7222
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i014/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i014.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 14)
+#define TEST_DESC "Testing psa_get called twice\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i014_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i014/test_i014.c b/psa-ff/test_suites/ipc/test_i014/test_i014.c
new file mode 100644
index 0000000..c11a8ab
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i014/test_i014.c
@@ -0,0 +1,47 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i014.h"
+
+client_test_t test_i014_client_tests_list[] = {
+ NULL,
+ client_test_psa_get_called_twice,
+ NULL,
+};
+
+int32_t client_test_psa_get_called_twice(security_t caller)
+{
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check1] Test psa_get called twice\n", 0);
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tConnection should failed but successed\n", 0);
+
+ (void)(handle);
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/psa-ff/test_suites/ipc/test_i014/test_i014.h b/psa-ff/test_suites/ipc/test_i014/test_i014.h
new file mode 100644
index 0000000..13faa48
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i014/test_i014.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST014_CLIENT_TESTS_H_
+#define _TEST014_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i014_client_tests_list[];
+
+int32_t client_test_psa_get_called_twice(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i014/test_supp_i014.c b/psa-ff/test_suites/ipc/test_i014/test_supp_i014.c
new file mode 100644
index 0000000..31b2944
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i014/test_supp_i014.c
@@ -0,0 +1,81 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_get_called_twice(void);
+
+server_test_t test_i014_server_tests_list[] = {
+ NULL,
+ server_test_psa_get_called_twice,
+ NULL,
+};
+
+int32_t server_test_psa_get_called_twice(void)
+{
+ psa_msg_t msg = {0};
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+wait:
+ if ((psa_wait_any(PSA_BLOCK)) & SERVER_UNSPECIFED_MINOR_V_SIG)
+ {
+ /* First psa_get call */
+ if (psa_get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg) != PSA_SUCCESS)
+ {
+ goto wait;
+ }
+ /* Debug print */
+ val_err_check_set(TEST_CHECKPOINT_NUM(201), status);
+
+ /* Setting boot.state before test check */
+ if (val_set_boot_flag(BOOT_EXPECTED_NS))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ /* Unblock client */
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Second psa_get call. This should not return */
+ psa_get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+
+ /* shouldn't have reached here */
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ val_err_check_set(TEST_CHECKPOINT_NUM(202), status);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i015/source.mk b/psa-ff/test_suites/ipc/test_i015/source.mk
new file mode 100644
index 0000000..ab2caf7
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i015/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i015.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i015/test_entry.c b/psa-ff/test_suites/ipc/test_i015/test_entry.c
new file mode 100644
index 0000000..b6ddaa2
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i015/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i015.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 15)
+#define TEST_DESC "Testing psa_get with non-RoT signal\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i015_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i015/test_i015.c b/psa-ff/test_suites/ipc/test_i015/test_i015.c
new file mode 100644
index 0000000..715a947
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i015/test_i015.c
@@ -0,0 +1,47 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i015.h"
+
+client_test_t test_i015_client_tests_list[] = {
+ NULL,
+ client_test_psa_get_with_non_rot_signal,
+ NULL,
+};
+
+int32_t client_test_psa_get_with_non_rot_signal(security_t caller)
+{
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check1] Test psa_get with non-RoT signal\n", 0);
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tConnection should failed but successed\n", 0);
+
+ (void)(handle);
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/psa-ff/test_suites/ipc/test_i015/test_i015.h b/psa-ff/test_suites/ipc/test_i015/test_i015.h
new file mode 100644
index 0000000..9512bea
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i015/test_i015.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST015_CLIENT_TESTS_H_
+#define _TEST015_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i015_client_tests_list[];
+
+int32_t client_test_psa_get_with_non_rot_signal(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i015/test_supp_i015.c b/psa-ff/test_suites/ipc/test_i015/test_supp_i015.c
new file mode 100644
index 0000000..08c91e3
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i015/test_supp_i015.c
@@ -0,0 +1,74 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_get_with_non_rot_signal(void);
+
+server_test_t test_i015_server_tests_list[] = {
+ NULL,
+ server_test_psa_get_with_non_rot_signal,
+ NULL,
+};
+
+int32_t server_test_psa_get_with_non_rot_signal(void)
+{
+ psa_msg_t msg = {0};
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ if ((psa_wait_any(PSA_BLOCK)) & SERVER_UNSPECIFED_MINOR_V_SIG)
+ {
+ /* Setting boot.state before test check */
+ status = val_set_boot_flag(BOOT_EXPECTED_NS);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa_get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ /* Call to psa_get should not return */
+ psa_get(PSA_DOORBELL, &msg);
+
+ /* shouldn't have reached here */
+ /* Resetting boot.state to catch unwanted reboot */
+ status = val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ val_err_check_set(TEST_CHECKPOINT_NUM(203), status);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i016/source.mk b/psa-ff/test_suites/ipc/test_i016/source.mk
new file mode 100644
index 0000000..acce71c
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i016/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i016.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i016/test_entry.c b/psa-ff/test_suites/ipc/test_i016/test_entry.c
new file mode 100644
index 0000000..62aaf75
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i016/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i016.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 16)
+#define TEST_DESC "Testing psa_get with unasserted signal\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i016_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i016/test_i016.c b/psa-ff/test_suites/ipc/test_i016/test_i016.c
new file mode 100644
index 0000000..6edbbe9
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i016/test_i016.c
@@ -0,0 +1,47 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i016.h"
+
+client_test_t test_i016_client_tests_list[] = {
+ NULL,
+ client_test_psa_get_with_unasserted_signal,
+ NULL,
+};
+
+int32_t client_test_psa_get_with_unasserted_signal(security_t caller)
+{
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check1] Test psa_get with unasserted signal\n", 0);
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tConnection should failed but successed\n", 0);
+
+ (void)(handle);
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/psa-ff/test_suites/ipc/test_i016/test_i016.h b/psa-ff/test_suites/ipc/test_i016/test_i016.h
new file mode 100644
index 0000000..f5d9d2b
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i016/test_i016.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST015_CLIENT_TESTS_H_
+#define _TEST015_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i016_client_tests_list[];
+
+int32_t client_test_psa_get_with_unasserted_signal(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i016/test_supp_i016.c b/psa-ff/test_suites/ipc/test_i016/test_supp_i016.c
new file mode 100644
index 0000000..4b2e5a5
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i016/test_supp_i016.c
@@ -0,0 +1,74 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_get_with_unasserted_signal(void);
+
+server_test_t test_i016_server_tests_list[] = {
+ NULL,
+ server_test_psa_get_with_unasserted_signal,
+ NULL,
+};
+
+int32_t server_test_psa_get_with_unasserted_signal(void)
+{
+ psa_msg_t msg = {0};
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ if ((psa_wait_any(PSA_BLOCK)) & SERVER_UNSPECIFED_MINOR_V_SIG)
+ {
+ /* Setting boot.state before test check */
+ status = val_set_boot_flag(BOOT_EXPECTED_NS);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa_get(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ /* Unasserted signal check, call to psa_get should not return */
+ psa_get(SERVER_RELAX_MINOR_VERSION_SID, &msg);
+
+ /* shouldn't have reached here */
+ /* Resetting boot.state to catch unwanted reboot */
+ status = val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ val_err_check_set(TEST_CHECKPOINT_NUM(203), status);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i017/source.mk b/psa-ff/test_suites/ipc/test_i017/source.mk
new file mode 100644
index 0000000..040be0d
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i017/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i017.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i017/test_entry.c b/psa-ff/test_suites/ipc/test_i017/test_entry.c
new file mode 100644
index 0000000..a53b16e
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i017/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i017.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 17)
+#define TEST_DESC "Testing partition calling its own RoT service\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i017_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i017/test_i017.c b/psa-ff/test_suites/ipc/test_i017/test_i017.c
new file mode 100644
index 0000000..47c54d7
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i017/test_i017.c
@@ -0,0 +1,47 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i017.h"
+
+client_test_t test_i017_client_tests_list[] = {
+ NULL,
+ client_test_partition_calling_its_own_rot_service,
+ NULL,
+};
+
+int32_t client_test_partition_calling_its_own_rot_service(security_t caller)
+{
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check1] Test partition calling its own RoT service\n", 0);
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tConnection should failed but successed\n", 0);
+
+ (void)(handle);
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/psa-ff/test_suites/ipc/test_i017/test_i017.h b/psa-ff/test_suites/ipc/test_i017/test_i017.h
new file mode 100644
index 0000000..3ad60d0
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i017/test_i017.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST017_CLIENT_TESTS_H_
+#define _TEST017_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i017_client_tests_list[];
+
+int32_t client_test_partition_calling_its_own_rot_service(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i017/test_supp_i017.c b/psa-ff/test_suites/ipc/test_i017/test_supp_i017.c
new file mode 100644
index 0000000..5008260
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i017/test_supp_i017.c
@@ -0,0 +1,82 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_partition_calling_its_own_rot_service(void);
+
+server_test_t test_i017_server_tests_list[] = {
+ NULL,
+ server_test_partition_calling_its_own_rot_service,
+ NULL,
+};
+
+int32_t server_test_partition_calling_its_own_rot_service(void)
+{
+ psa_msg_t msg = {0};
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ /* Setting boot.state before test check */
+ status = val_set_boot_flag(BOOT_EXPECTED_NS);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ /* Calling server partition RoT service using IPC and call should not return */
+ handle = psa_connect(SERVER_RELAX_MINOR_VERSION_SID, 1);
+
+ /* shouldn't have reached here */
+ val_print(PRINT_ERROR, "\tConnection should failed but successed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ status = val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ val_err_check_set(TEST_CHECKPOINT_NUM(204), status);
+
+ (void)(handle);
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i018/source.mk b/psa-ff/test_suites/ipc/test_i018/source.mk
new file mode 100644
index 0000000..fe6e94f
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i018/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i018.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i018/test_entry.c b/psa-ff/test_suites/ipc/test_i018/test_entry.c
new file mode 100644
index 0000000..ef164f1
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i018/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i018.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 18)
+#define TEST_DESC "Testing psa_set_rhandle with invalid msg handle\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i018_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i018/test_i018.c b/psa-ff/test_suites/ipc/test_i018/test_i018.c
new file mode 100644
index 0000000..726c2b9
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i018/test_i018.c
@@ -0,0 +1,47 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i018.h"
+
+client_test_t test_i018_client_tests_list[] = {
+ NULL,
+ client_test_psa_set_rhandle_with_invalid_handle,
+ NULL,
+};
+
+int32_t client_test_psa_set_rhandle_with_invalid_handle(security_t caller)
+{
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check1] Test psa_set_rhandle with invalid msg handle\n", 0);
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tConnection should failed but successed\n", 0);
+
+ (void)(handle);
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/psa-ff/test_suites/ipc/test_i018/test_i018.h b/psa-ff/test_suites/ipc/test_i018/test_i018.h
new file mode 100644
index 0000000..0ad2487
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i018/test_i018.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST018_CLIENT_TESTS_H_
+#define _TEST018_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i018_client_tests_list[];
+
+int32_t client_test_psa_set_rhandle_with_invalid_handle(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i018/test_supp_i018.c b/psa-ff/test_suites/ipc/test_i018/test_supp_i018.c
new file mode 100644
index 0000000..e951455
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i018/test_supp_i018.c
@@ -0,0 +1,83 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_set_rhandle_with_invalid_handle(void);
+
+server_test_t test_i018_server_tests_list[] = {
+ NULL,
+ server_test_psa_set_rhandle_with_invalid_handle,
+ NULL,
+};
+
+int32_t server_test_psa_set_rhandle_with_invalid_handle(void)
+{
+ psa_msg_t msg = {0};
+ int32_t status = VAL_STATUS_SUCCESS;
+ int *num = NULL;
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ /* Setting boot.state before test check */
+ status = val_set_boot_flag(BOOT_EXPECTED_NS);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ /* Call psa_set_rhandle with INVALID_HANLDE. Call shouldn't return */
+ *num = 5;
+ psa_set_rhandle(INVALID_HANDLE, num);
+
+ /* shouldn't have reached here */
+ val_print(PRINT_ERROR,
+ "\tpsa_set_rhandle with invalid handle should failed but successed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ status = val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return status;
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ val_err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i019/source.mk b/psa-ff/test_suites/ipc/test_i019/source.mk
new file mode 100644
index 0000000..5146eee
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i019/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i019.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i019/test_entry.c b/psa-ff/test_suites/ipc/test_i019/test_entry.c
new file mode 100644
index 0000000..a2ccc6c
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i019/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i019.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 19)
+#define TEST_DESC "Testing psa_set_rhandle with NULL msg handle\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i019_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i019/test_i019.c b/psa-ff/test_suites/ipc/test_i019/test_i019.c
new file mode 100644
index 0000000..3e81e49
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i019/test_i019.c
@@ -0,0 +1,47 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i019.h"
+
+client_test_t test_i019_client_tests_list[] = {
+ NULL,
+ client_test_psa_set_rhandle_with_null_handle,
+ NULL,
+};
+
+int32_t client_test_psa_set_rhandle_with_null_handle(security_t caller)
+{
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check1] Test psa_set_rhandle with null msg handle\n", 0);
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tConnection should failed but successed\n", 0);
+
+ (void)(handle);
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/psa-ff/test_suites/ipc/test_i019/test_i019.h b/psa-ff/test_suites/ipc/test_i019/test_i019.h
new file mode 100644
index 0000000..ea11995
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i019/test_i019.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST019_CLIENT_TESTS_H_
+#define _TEST019_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i019_client_tests_list[];
+
+int32_t client_test_psa_set_rhandle_with_null_handle(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i019/test_supp_i019.c b/psa-ff/test_suites/ipc/test_i019/test_supp_i019.c
new file mode 100644
index 0000000..a45d891
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i019/test_supp_i019.c
@@ -0,0 +1,72 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_set_rhandle_with_null_handle(void);
+
+server_test_t test_i019_server_tests_list[] = {
+ NULL,
+ server_test_psa_set_rhandle_with_null_handle,
+ NULL,
+};
+
+int32_t server_test_psa_set_rhandle_with_null_handle(void)
+{
+ psa_msg_t msg = {0};
+ int32_t status = VAL_STATUS_SUCCESS;
+ int *num = NULL;
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ /* Set boot flag to BOOT_EXPECTED_* to indicate- test is targeting
+ fatal error condition and test will expect error recovery to happen */
+ status = val_set_boot_flag(BOOT_EXPECTED_NS);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ /*Call psa_set_rhandle with PSA_NULL_HANDLE. Call shouldn't return*/
+ *num = 5;
+ psa_set_rhandle(PSA_NULL_HANDLE, num);
+
+ /* shouldn't have reached here */
+ val_print(PRINT_ERROR,
+ "\tpsa_set_rhandle with NULL handle should failed but successed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ status = val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return status;
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ val_err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i020/source.mk b/psa-ff/test_suites/ipc/test_i020/source.mk
new file mode 100644
index 0000000..064390b
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i020/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i020.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i020/test_entry.c b/psa-ff/test_suites/ipc/test_i020/test_entry.c
new file mode 100644
index 0000000..2647f9b
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i020/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i020.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 20)
+#define TEST_DESC "Testing psa_reply with invalid status code for PSA_IPC_CONNECT\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i020_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i020/test_i020.c b/psa-ff/test_suites/ipc/test_i020/test_i020.c
new file mode 100644
index 0000000..62f588d
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i020/test_i020.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i020.h"
+
+client_test_t test_i020_client_tests_list[] = {
+ NULL,
+ client_test_psa_reply_with_invalid_connect_status_code,
+ NULL,
+};
+
+int32_t client_test_psa_reply_with_invalid_connect_status_code(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST,
+ "[Check1] Test psa_reply with invalid status code for PSA_IPC_CONNECT\n", 0);
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tConnection should failed but successed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ (void)(handle);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i020/test_i020.h b/psa-ff/test_suites/ipc/test_i020/test_i020.h
new file mode 100644
index 0000000..74c3085
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i020/test_i020.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST020_CLIENT_TESTS_H_
+#define _TEST020_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i020_client_tests_list[];
+
+int32_t client_test_psa_reply_with_invalid_connect_status_code(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i020/test_supp_i020.c b/psa-ff/test_suites/ipc/test_i020/test_supp_i020.c
new file mode 100644
index 0000000..1701459
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i020/test_supp_i020.c
@@ -0,0 +1,80 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_reply_with_invalid_connect_status_code(void);
+
+server_test_t test_i020_server_tests_list[] = {
+ NULL,
+ server_test_psa_reply_with_invalid_connect_status_code,
+ NULL,
+};
+
+int32_t server_test_psa_reply_with_invalid_connect_status_code(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ psa_status_t invalid_status_code = PSA_CONNECTION_REFUSED + 0x10;
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ /* Setting boot.state before test check */
+ status = val_set_boot_flag(BOOT_EXPECTED_NS);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ /*Call psa_reply with invalid status code for PSA_IPC_CONNECT. Call shouldn't return*/
+ psa_reply(msg.handle, invalid_status_code);
+
+ /* shouldn't have reached here */
+ val_print(PRINT_ERROR,
+ "\tpsa_reply with invalid status code for connect should failed but successed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ status = val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return status;
+ }
+ status = VAL_STATUS_SPM_FAILED;
+ val_err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i021/source.mk b/psa-ff/test_suites/ipc/test_i021/source.mk
new file mode 100644
index 0000000..bb36ffe
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i021/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i021.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i021/test_entry.c b/psa-ff/test_suites/ipc/test_i021/test_entry.c
new file mode 100644
index 0000000..45de605
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i021/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i021.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 21)
+#define TEST_DESC "Testing psa_reply with invalid status code for PSA_IPC_CALL\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i021_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i021/test_i021.c b/psa-ff/test_suites/ipc/test_i021/test_i021.c
new file mode 100644
index 0000000..172fb30
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i021/test_i021.c
@@ -0,0 +1,61 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i021.h"
+
+client_test_t test_i021_client_tests_list[] = {
+ NULL,
+ client_test_psa_reply_with_invalid_call_status_code,
+ NULL,
+};
+
+int32_t client_test_psa_reply_with_invalid_call_status_code(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call;
+
+ val->print(PRINT_TEST,
+ "[Check1] Test psa_reply with invalid status code for PSA_IPC_CALL\n", 0);
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+
+ if (handle < 0)
+ {
+ val->print(PRINT_ERROR, "\tConnection failed\n", 0);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but successed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ psa->close(handle);
+ (void)(status_of_call);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i021/test_i021.h b/psa-ff/test_suites/ipc/test_i021/test_i021.h
new file mode 100644
index 0000000..d94bf79
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i021/test_i021.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST021_CLIENT_TESTS_H_
+#define _TEST021_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i021_client_tests_list[];
+
+int32_t client_test_psa_reply_with_invalid_call_status_code(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i021/test_supp_i021.c b/psa-ff/test_suites/ipc/test_i021/test_supp_i021.c
new file mode 100644
index 0000000..9e2ec16
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i021/test_supp_i021.c
@@ -0,0 +1,92 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_reply_with_invalid_call_status_code(void);
+
+server_test_t test_i021_server_tests_list[] = {
+ NULL,
+ server_test_psa_reply_with_invalid_call_status_code,
+ NULL,
+};
+
+int32_t server_test_psa_reply_with_invalid_call_status_code(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ psa_status_t invalid_status_code = INT32_MIN+1;
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ status = val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa_reply(msg.handle, (PSA_SUCCESS - 2));
+ }
+ else
+ {
+ /* Setting boot.state before test check */
+ status = val_set_boot_flag(BOOT_EXPECTED_NS);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa_reply(msg.handle, (PSA_SUCCESS - 3));
+ }
+ else
+ {
+ /* Call psa_reply with invalid status code for PSA_IPC_CALL. Call shouldn't return */
+ psa_reply(msg.handle, invalid_status_code);
+
+ /* shouldn't have reached here */
+ val_print(PRINT_ERROR,
+ "\tpsa_reply with invalid status code for CALL should failed but successed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+ status = VAL_STATUS_SPM_FAILED;
+ }
+ }
+
+ val_err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ status = val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i022/source.mk b/psa-ff/test_suites/ipc/test_i022/source.mk
new file mode 100644
index 0000000..4d6fcff
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i022/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i022.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i022/test_entry.c b/psa-ff/test_suites/ipc/test_i022/test_entry.c
new file mode 100644
index 0000000..9b36f64
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i022/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i022.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 22)
+#define TEST_DESC "Testing psa_reply with invalid handle\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i022_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i022/test_i022.c b/psa-ff/test_suites/ipc/test_i022/test_i022.c
new file mode 100644
index 0000000..1085cb0
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i022/test_i022.c
@@ -0,0 +1,47 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i022.h"
+
+client_test_t test_i022_client_tests_list[] = {
+ NULL,
+ client_test_psa_reply_with_invalid_handle,
+ NULL,
+};
+
+int32_t client_test_psa_reply_with_invalid_handle(security_t caller)
+{
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check1] Testing psa_reply with invalid handle\n", 0);
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tConnection should failed but successed\n", 0);
+
+ (void)(handle);
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/psa-ff/test_suites/ipc/test_i022/test_i022.h b/psa-ff/test_suites/ipc/test_i022/test_i022.h
new file mode 100644
index 0000000..5506613
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i022/test_i022.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST022_CLIENT_TESTS_H_
+#define _TEST022_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i022_client_tests_list[];
+
+int32_t client_test_psa_reply_with_invalid_handle(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i022/test_supp_i022.c b/psa-ff/test_suites/ipc/test_i022/test_supp_i022.c
new file mode 100644
index 0000000..6e4f43a
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i022/test_supp_i022.c
@@ -0,0 +1,80 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_reply_with_invalid_handle(void);
+
+server_test_t test_i022_server_tests_list[] = {
+ NULL,
+ server_test_psa_reply_with_invalid_handle,
+ NULL,
+};
+
+int32_t server_test_psa_reply_with_invalid_handle(void)
+{
+ psa_msg_t msg = {0};
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ /* Setting boot.state before test check */
+ status = val_set_boot_flag(BOOT_EXPECTED_NS);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ /*Call psa_reply with INVALID_HANLDE. Call shouldn't return*/
+ psa_reply(INVALID_HANDLE, PSA_CONNECTION_REFUSED);
+
+ /* shouldn't have reached here */
+ val_print(PRINT_ERROR,
+ "\tpsa_reply with invalid handle should failed but successed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ status = val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return status;
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ val_err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i023/source.mk b/psa-ff/test_suites/ipc/test_i023/source.mk
new file mode 100644
index 0000000..43d511c
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i023/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i023.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i023/test_entry.c b/psa-ff/test_suites/ipc/test_i023/test_entry.c
new file mode 100644
index 0000000..30f0e5e
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i023/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i023.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 23)
+#define TEST_DESC "Testing psa_reply with NULL handle\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i023_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i023/test_i023.c b/psa-ff/test_suites/ipc/test_i023/test_i023.c
new file mode 100644
index 0000000..0827544
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i023/test_i023.c
@@ -0,0 +1,47 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i023.h"
+
+client_test_t test_i023_client_tests_list[] = {
+ NULL,
+ client_test_psa_reply_with_null_handle,
+ NULL,
+};
+
+int32_t client_test_psa_reply_with_null_handle(security_t caller)
+{
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check1] Testing psa_reply with invalid handle\n", 0);
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tConnection should failed but successed\n", 0);
+
+ (void)(handle);
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/psa-ff/test_suites/ipc/test_i023/test_i023.h b/psa-ff/test_suites/ipc/test_i023/test_i023.h
new file mode 100644
index 0000000..8d065f0
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i023/test_i023.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST023_CLIENT_TESTS_H_
+#define _TEST023_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i023_client_tests_list[];
+
+int32_t client_test_psa_reply_with_null_handle(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i023/test_supp_i023.c b/psa-ff/test_suites/ipc/test_i023/test_supp_i023.c
new file mode 100644
index 0000000..d28aa44
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i023/test_supp_i023.c
@@ -0,0 +1,82 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_reply_with_null_handle(void);
+
+server_test_t test_i023_server_tests_list[] = {
+ NULL,
+ server_test_psa_reply_with_null_handle,
+ NULL,
+};
+
+int32_t server_test_psa_reply_with_null_handle(void)
+{
+ psa_msg_t msg = {0};
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ /* Setting boot.state before test check */
+ status = val_set_boot_flag(BOOT_EXPECTED_NS);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ /* Test check - Call psa_reply with PSA_NULL_HANDLE. Call shouldn't return */
+ psa_reply(PSA_NULL_HANDLE, PSA_CONNECTION_REFUSED);
+
+ /* shouldn't have reached here */
+ val_print(PRINT_ERROR,
+ "\tpsa_reply with NULL handle should failed but successed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ status = val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return status;
+ }
+
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+
+ status = VAL_STATUS_SPM_FAILED;
+ val_err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i024/source.mk b/psa-ff/test_suites/ipc/test_i024/source.mk
new file mode 100644
index 0000000..8b9ee54
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i024/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i024.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i024/test_entry.c b/psa-ff/test_suites/ipc/test_i024/test_entry.c
new file mode 100644
index 0000000..35c258d
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i024/test_entry.c
@@ -0,0 +1,59 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i024.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 24)
+#define TEST_DESC "Testing psa_call with invalid handle\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i024_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+ /* Switch to secure side (client_partition.c) and execute list of tests available in
+ test[num]_client_tests_list from Secure side */
+ status = val->switch_to_secure_client(TEST_NUM);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i024/test_i024.c b/psa-ff/test_suites/ipc/test_i024/test_i024.c
new file mode 100644
index 0000000..d6a8551
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i024/test_i024.c
@@ -0,0 +1,89 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i024.h"
+
+client_test_t test_i024_client_tests_list[] = {
+ NULL,
+ client_test_psa_call_with_invalid_handle,
+ NULL,
+};
+
+int32_t client_test_psa_call_with_invalid_handle(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call;
+ boot_state_t boot_state;
+
+ val->print(PRINT_TEST,
+ "[Check1] Test psa_call with invalid handle\n", 0);
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+
+ if (handle < 0)
+ {
+ val->print(PRINT_ERROR, "\tConnection failed\n", 0);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ /* Setting boot.state before test check */
+ boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ if (val->set_boot_flag(boot_state))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Test check- psa_call with INVALID_HANDLE */
+ status_of_call = psa->call(INVALID_HANDLE, NULL, 0, NULL, 0);
+
+ /* Expectation is psa_call should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tpsa_call should failed but successed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ psa->close(handle);
+ (void)(status_of_call);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i024/test_i024.h b/psa-ff/test_suites/ipc/test_i024/test_i024.h
new file mode 100644
index 0000000..1d38d68
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i024/test_i024.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST024_CLIENT_TESTS_H_
+#define _TEST024_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i024_client_tests_list[];
+
+int32_t client_test_psa_call_with_invalid_handle(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i024/test_supp_i024.c b/psa-ff/test_suites/ipc/test_i024/test_supp_i024.c
new file mode 100644
index 0000000..d3bbbf1
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i024/test_supp_i024.c
@@ -0,0 +1,52 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_call_with_invalid_handle(void);
+
+server_test_t test_i024_server_tests_list[] = {
+ NULL,
+ server_test_psa_call_with_invalid_handle,
+ NULL,
+};
+
+int32_t server_test_psa_call_with_invalid_handle(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+
+ /* Control shouldn't have come here */
+ val_print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
+ psa_reply(msg.handle, -2);
+
+ val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/psa-ff/test_suites/ipc/test_i025/source.mk b/psa-ff/test_suites/ipc/test_i025/source.mk
new file mode 100644
index 0000000..bb0b6af
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i025/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i025.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i025/test_entry.c b/psa-ff/test_suites/ipc/test_i025/test_entry.c
new file mode 100644
index 0000000..7dec64a
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i025/test_entry.c
@@ -0,0 +1,59 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i025.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 25)
+#define TEST_DESC "Testing psa_call with NULL handle\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i025_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+ /* Switch to secure side (client_partition.c) and execute list of tests available in
+ test[num]_client_tests_list from Secure side */
+ status = val->switch_to_secure_client(TEST_NUM);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i025/test_i025.c b/psa-ff/test_suites/ipc/test_i025/test_i025.c
new file mode 100644
index 0000000..a8cd726
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i025/test_i025.c
@@ -0,0 +1,89 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i025.h"
+
+client_test_t test_i025_client_tests_list[] = {
+ NULL,
+ client_test_psa_call_with_null_handle,
+ NULL,
+};
+
+int32_t client_test_psa_call_with_null_handle(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call;
+ boot_state_t boot_state;
+
+ val->print(PRINT_TEST,
+ "[Check1] Test psa_call with NULL handle\n", 0);
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+
+ if (handle < 0)
+ {
+ val->print(PRINT_ERROR, "\tConnection failed\n", 0);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ /* Setting boot.state before test check */
+ boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ if (val->set_boot_flag(boot_state))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Test check- psa_call with NULL HANDLE */
+ status_of_call = psa->call(PSA_NULL_HANDLE, NULL, 0, NULL, 0);
+
+ /* Expectation is psa_call should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but successed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ psa->close(handle);
+ (void)(status_of_call);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i025/test_i025.h b/psa-ff/test_suites/ipc/test_i025/test_i025.h
new file mode 100644
index 0000000..3b871e8
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i025/test_i025.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST025_CLIENT_TESTS_H_
+#define _TEST025_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i025_client_tests_list[];
+
+int32_t client_test_psa_call_with_null_handle(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i025/test_supp_i025.c b/psa-ff/test_suites/ipc/test_i025/test_supp_i025.c
new file mode 100644
index 0000000..036a2c9
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i025/test_supp_i025.c
@@ -0,0 +1,52 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_call_with_null_handle(void);
+
+server_test_t test_i025_server_tests_list[] = {
+ NULL,
+ server_test_psa_call_with_null_handle,
+ NULL,
+};
+
+int32_t server_test_psa_call_with_null_handle(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+
+ /* Control shouldn't have come here */
+ val_print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
+ psa_reply(msg.handle, -2);
+
+ val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/psa-ff/test_suites/ipc/test_i026/source.mk b/psa-ff/test_suites/ipc/test_i026/source.mk
new file mode 100644
index 0000000..238a139
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i026/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i026.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i026/test_entry.c b/psa-ff/test_suites/ipc/test_i026/test_entry.c
new file mode 100644
index 0000000..feeba46
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i026/test_entry.c
@@ -0,0 +1,59 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i026.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 26)
+#define TEST_DESC "Testing psa_call with IOVEC > PSA_MAX_IOVEC\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i026_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+ /* Switch to secure side (client_partition.c) and execute list of tests available in
+ test[num]_client_tests_list from Secure side */
+ status = val->switch_to_secure_client(TEST_NUM);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i026/test_i026.c b/psa-ff/test_suites/ipc/test_i026/test_i026.c
new file mode 100644
index 0000000..2c41d18
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i026/test_i026.c
@@ -0,0 +1,96 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i026.h"
+
+client_test_t test_i026_client_tests_list[] = {
+ NULL,
+ client_test_psa_call_with_iovec_more_than_max_limit,
+ NULL,
+};
+
+int32_t client_test_psa_call_with_iovec_more_than_max_limit(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ uint8_t data = 0x11;
+ psa_status_t status_of_call;
+ boot_state_t boot_state;
+ psa_invec invec[PSA_MAX_IOVEC] = {{&data, sizeof(data)},
+ {&data, sizeof(data)},
+ {&data, sizeof(data)},
+ {&data, sizeof(data)}
+ };
+ psa_outvec outvec[1] = {{&data, sizeof(data)}};
+
+ val->print(PRINT_TEST,
+ "[Check1] Test psa_call with IOVEC > PSA_MAX_IOVEC\n", 0);
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+
+ if (handle < 0)
+ {
+ val->print(PRINT_ERROR, "\tConnection failed\n", 0);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ /* Setting boot.state before test check */
+ boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ if (val->set_boot_flag(boot_state))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ /* Test check- psa_call with IOVEC > PSA_MAX_IOVEC */
+ status_of_call = psa->call(handle, invec, PSA_MAX_IOVEC, outvec, 1);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but successed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val->set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ psa->close(handle);
+ (void)(status_of_call);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i026/test_i026.h b/psa-ff/test_suites/ipc/test_i026/test_i026.h
new file mode 100644
index 0000000..34c81c8
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i026/test_i026.h
@@ -0,0 +1,37 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST026_CLIENT_TESTS_H_
+#define _TEST026_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+/* Redefining PSA_MAX_IOVEC as it is undefined for client */
+#ifndef PSA_MAX_IOVEC
+#define PSA_MAX_IOVEC 4
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i026_client_tests_list[];
+
+int32_t client_test_psa_call_with_iovec_more_than_max_limit(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i026/test_supp_i026.c b/psa-ff/test_suites/ipc/test_i026/test_supp_i026.c
new file mode 100644
index 0000000..0e5be8f
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i026/test_supp_i026.c
@@ -0,0 +1,52 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_call_with_iovec_more_than_max_limit();
+
+server_test_t test_i026_server_tests_list[] = {
+ NULL,
+ server_test_psa_call_with_iovec_more_than_max_limit,
+ NULL,
+};
+
+int32_t server_test_psa_call_with_iovec_more_than_max_limit()
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+
+ /* Control shouldn't have come here */
+ val_print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
+ psa_reply(msg.handle, -2);
+
+ val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/psa-ff/test_suites/ipc/test_i027/source.mk b/psa-ff/test_suites/ipc/test_i027/source.mk
new file mode 100644
index 0000000..69f6fc8
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i027/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i027.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i027/test_entry.c b/psa-ff/test_suites/ipc/test_i027/test_entry.c
new file mode 100644
index 0000000..3f09f0b
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i027/test_entry.c
@@ -0,0 +1,59 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i027.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 27)
+#define TEST_DESC "Testing PSA_DROP_CONNECTION\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i027_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+ /* Switch to secure side (client_partition.c) and execute list of tests available in
+ test[num]_client_tests_list from Secure side */
+ status = val->switch_to_secure_client(TEST_NUM);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i027/test_i027.c b/psa-ff/test_suites/ipc/test_i027/test_i027.c
new file mode 100644
index 0000000..2857132
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i027/test_i027.c
@@ -0,0 +1,119 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i027.h"
+
+client_test_t test_i027_client_tests_list[] = {
+ NULL,
+ client_test_psa_drop_connection,
+ NULL,
+};
+
+int32_t client_test_psa_drop_connection(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call;
+ boot_state_t boot_state;
+
+ val->print(PRINT_TEST,
+ "[Check1] Test PSA_DROP_CONNECTION\n", 0);
+
+ /* Test algorithm:
+ *
+ * RoT service will terminate the connection by completing the message with a call
+ * to psa_reply() using the status code PSA_DROP_CONNECTION.
+ *
+ * The SPM can implement the required PSA_DROP_CONNECTION behavior in different ways:
+ *
+ * 1. Return PSA_DROP_CONNECTION to the client from the faulty psa_call() and mark the
+ * SPM connection object so that all future calls to psa_call() on this connection are
+ * immediately failed with PSA_DROP_CONNECTION. And SPM must deliver a PSA_IPC_DISCONNECT
+ * message for the connection to the RoT Service directly after receipt of the
+ * PSA_DROP_CONNECTION completion to allow connection resources within the RoT Service
+ * to be released.
+ *
+ * 2. Terminate the client task and restart if appropriate for the system
+ *
+ *
+ * If SPM implementation happens to be to first case, the test will expect psa_call to return
+ * PSA_DROP_CONNECTION for every future call to psa_call on the connection
+ *
+ * If SPM implementation happens to be second case, test will expect does not return behaviour
+ * for executed psa_call API
+ */
+
+ handle = psa->connect(SERVER_CONNECTION_DROP_SID, 1);
+ if (handle < 0)
+ {
+ val->print(PRINT_ERROR, "\tConnection failed\n", 0);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ /* Setting boot flag to BOOT_EXPECTED_* to help error recovery if SPM behaviour
+ * matches with 2nd case
+ */
+ boot_state = (caller == NONSECURE) ? BOOT_EXPECTED_NS : BOOT_EXPECTED_S;
+ if (val->set_boot_flag(boot_state))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ return VAL_STATUS_ERROR;
+ }
+
+ status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ status = val->set_boot_flag(BOOT_NOT_EXPECTED);
+ if (VAL_ERROR(status))
+ {
+ val->print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ goto exit;
+ }
+
+ /* Case 1 implementation */
+ if (status_of_call == PSA_DROP_CONNECTION)
+ {
+ val->print(PRINT_DEBUG, "\tRecieved PSA_DROP_CONNECTION\n", 0);
+
+ status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+ if (status_of_call != PSA_DROP_CONNECTION)
+ {
+ status = VAL_STATUS_SPM_FAILED;
+ val->print(PRINT_ERROR,
+ "\tCall should have returned PSA_DROP_CONNECTION. Status = 0x%x\n", status_of_call);
+ }
+ }
+ /* If implementation is case 2, control shouldn't have come here*/
+ else
+ {
+ /* psa_call should hang and control shouldn't have come here */
+ status = VAL_STATUS_SPM_FAILED;
+ val->print(PRINT_ERROR, "\tCall should failed but successed\n", 0);
+ }
+
+exit:
+ psa->close(handle);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i027/test_i027.h b/psa-ff/test_suites/ipc/test_i027/test_i027.h
new file mode 100644
index 0000000..c32bc9f
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i027/test_i027.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST027_CLIENT_TESTS_H_
+#define _TEST027_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i027_client_tests_list[];
+
+int32_t client_test_psa_drop_connection(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i027/test_supp_i027.c b/psa-ff/test_suites/ipc/test_i027/test_supp_i027.c
new file mode 100644
index 0000000..4c1ac21
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i027/test_supp_i027.c
@@ -0,0 +1,65 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_drop_connection(void);
+
+server_test_t test_i027_server_tests_list[] = {
+ NULL,
+ server_test_psa_drop_connection,
+ NULL,
+};
+
+int32_t server_test_psa_drop_connection(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ status = val_process_connect_request(SERVER_CONNECTION_DROP_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ status = val_process_call_request(SERVER_CONNECTION_DROP_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa_reply(msg.handle, -2);
+ goto exit;
+ }
+ else
+ {
+ psa_reply(msg.handle, PSA_DROP_CONNECTION);
+ }
+
+exit:
+ /* SPM must deliver a PSA_IPC_DISCONNECT message for the connection to the RoT Service
+ directly after receipt of the PSA_DROP_CONNECTION completion to allow connection resources
+ within the RoT Service to be released */
+ status = val_process_disconnect_request(SERVER_CONNECTION_DROP_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val_print(PRINT_ERROR, "\tDisconnect request failed\n", 0);
+ }
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i028/source.mk b/psa-ff/test_suites/ipc/test_i028/source.mk
new file mode 100644
index 0000000..51bba19
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i028/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i028.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i028/test_entry.c b/psa-ff/test_suites/ipc/test_i028/test_entry.c
new file mode 100644
index 0000000..6126f47
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i028/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i028.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 28)
+#define TEST_DESC "Testing psa_read at PSA_IPC_CONNECT\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if(!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i028_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i028/test_i028.c b/psa-ff/test_suites/ipc/test_i028/test_i028.c
new file mode 100644
index 0000000..4d63732
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i028/test_i028.c
@@ -0,0 +1,47 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i028.h"
+
+client_test_t test_i028_client_tests_list[] = {
+ NULL,
+ client_test_psa_read_at_ipc_connect,
+ NULL,
+};
+
+int32_t client_test_psa_read_at_ipc_connect(security_t caller)
+{
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check1] Test psa_read at PSA_IPC_CONNECT\n", 0);
+
+ handle = psa->connect(SERVER_RELAX_MINOR_VERSION_SID, 1);
+
+ /* Shouldn't have reached here */
+ val->print(PRINT_ERROR, "\tConnection should have failed but succeeded\n", 0);
+
+ (void)(handle);
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/psa-ff/test_suites/ipc/test_i028/test_i028.h b/psa-ff/test_suites/ipc/test_i028/test_i028.h
new file mode 100644
index 0000000..de8dcb5
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i028/test_i028.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST028_CLIENT_TESTS_H_
+#define _TEST028_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i028_client_tests_list[];
+
+int32_t client_test_psa_read_at_ipc_connect(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i028/test_supp_i028.c b/psa-ff/test_suites/ipc/test_i028/test_supp_i028.c
new file mode 100644
index 0000000..88df3c5
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i028/test_supp_i028.c
@@ -0,0 +1,78 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+#define NUM_OF_BYTES 4
+
+int32_t server_test_psa_read_at_ipc_connect();
+
+server_test_t test_i028_server_tests_list[] = {
+ NULL,
+ server_test_psa_read_at_ipc_connect,
+ NULL,
+};
+
+int32_t server_test_psa_read_at_ipc_connect()
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ uint8_t data[NUM_OF_BYTES] = {0};
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ status = val_process_connect_request(SERVER_RELAX_MINOR_VERSION_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ /* Setting boot.state before test check */
+ status = val_set_boot_flag(BOOT_EXPECTED_NS);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ /*psa_read at PSA_IPC_CONNECT */
+ psa_read(msg.handle, 0, (void *)data, 0);
+
+ /* Shouldn't have reached here */
+ val_print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return VAL_STATUS_INVALID;
+}
diff --git a/psa-ff/test_suites/ipc/test_i029/source.mk b/psa-ff/test_suites/ipc/test_i029/source.mk
new file mode 100644
index 0000000..2e28cf8
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i029/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i029.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i029/test_entry.c b/psa-ff/test_suites/ipc/test_i029/test_entry.c
new file mode 100644
index 0000000..e548d0f
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i029/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i029.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 29)
+#define TEST_DESC "Testing psa_read at PSA_IPC_DISCONNECT\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i029_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i029/test_i029.c b/psa-ff/test_suites/ipc/test_i029/test_i029.c
new file mode 100644
index 0000000..b867eb7
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i029/test_i029.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i029.h"
+
+client_test_t test_i029_client_tests_list[] = {
+ NULL,
+ client_test_psa_read_at_ipc_disconnect,
+ NULL,
+};
+
+int32_t client_test_psa_read_at_ipc_disconnect(security_t caller)
+{
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check1] Test psa_read at PSA_IPC_DISCONNECT\n", 0);
+
+ handle = psa->connect(SERVER_RELAX_MINOR_VERSION_SID, 1);
+
+ /* Shouldn't have reached here */
+ val->print(PRINT_ERROR, "\tCheck for psa_read at PSA_IPC_DISCONNECT failed\n", 0);
+
+ if (handle > 0)
+ {
+ psa->close(handle);
+ }
+
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/psa-ff/test_suites/ipc/test_i029/test_i029.h b/psa-ff/test_suites/ipc/test_i029/test_i029.h
new file mode 100644
index 0000000..a463189
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i029/test_i029.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST029_CLIENT_TESTS_H_
+#define _TEST029_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i029_client_tests_list[];
+
+int32_t client_test_psa_read_at_ipc_disconnect(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i029/test_supp_i029.c b/psa-ff/test_suites/ipc/test_i029/test_supp_i029.c
new file mode 100644
index 0000000..1738b10
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i029/test_supp_i029.c
@@ -0,0 +1,85 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+#define NUM_OF_BYTES 4
+
+int32_t server_test_psa_read_at_ipc_disconnect(void);
+
+server_test_t test_i029_server_tests_list[] = {
+ NULL,
+ server_test_psa_read_at_ipc_disconnect,
+ NULL,
+};
+
+int32_t server_test_psa_read_at_ipc_disconnect(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ uint8_t data[NUM_OF_BYTES] = {0};
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ status = val_process_connect_request(SERVER_RELAX_MINOR_VERSION_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ status = val_process_disconnect_request(SERVER_RELAX_MINOR_VERSION_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return status;
+ }
+
+ /* Setting boot.state before test check */
+ status = val_set_boot_flag(BOOT_EXPECTED_NS);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return status;
+ }
+
+ /* Test check - psa_read at PSA_IPC_DISCONNECT */
+ psa_read(msg.handle, 0, (void *)data, 0);
+
+ /* Shouldn't have reached here */
+ val_print(PRINT_ERROR, "\tControl shouldn't have reached here\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return VAL_STATUS_INVALID;
+}
diff --git a/psa-ff/test_suites/ipc/test_i030/source.mk b/psa-ff/test_suites/ipc/test_i030/source.mk
new file mode 100644
index 0000000..933df7f
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i030/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i030.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i030/test_entry.c b/psa-ff/test_suites/ipc/test_i030/test_entry.c
new file mode 100644
index 0000000..bef8a99
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i030/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i030.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 30)
+#define TEST_DESC "Testing psa_read with NULL handle\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i030_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i030/test_i030.c b/psa-ff/test_suites/ipc/test_i030/test_i030.c
new file mode 100644
index 0000000..6b383ed
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i030/test_i030.c
@@ -0,0 +1,61 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i030.h"
+
+client_test_t test_i030_client_tests_list[] = {
+ NULL,
+ client_test_psa_read_with_null_handle,
+ NULL,
+};
+
+int32_t client_test_psa_read_with_null_handle(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call;
+
+ val->print(PRINT_TEST,
+ "[Check1] Test psa_read with NULL handle\n", 0);
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+
+ if (handle < 0)
+ {
+ val->print(PRINT_ERROR, "\tConnection failed\n", 0);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but successed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ psa->close(handle);
+ (void)(status_of_call);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i030/test_i030.h b/psa-ff/test_suites/ipc/test_i030/test_i030.h
new file mode 100644
index 0000000..b06d100
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i030/test_i030.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST030_CLIENT_TESTS_H_
+#define _TEST030_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i030_client_tests_list[];
+
+int32_t client_test_psa_read_with_null_handle(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i030/test_supp_i030.c b/psa-ff/test_suites/ipc/test_i030/test_supp_i030.c
new file mode 100644
index 0000000..fb3afd7
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i030/test_supp_i030.c
@@ -0,0 +1,97 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+#define NUM_OF_BYTES 4
+
+int32_t server_test_psa_read_with_null_handle(void);
+
+server_test_t test_i030_server_tests_list[] = {
+ NULL,
+ server_test_psa_read_with_null_handle,
+ NULL,
+};
+
+int32_t server_test_psa_read_with_null_handle(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ uint8_t data[NUM_OF_BYTES] = {0};
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ status = val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa_reply(msg.handle, -2);
+ }
+ else
+ {
+ /* Setting boot.state before test check */
+ status = val_set_boot_flag(BOOT_EXPECTED_NS);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa_reply(msg.handle, -3);
+ }
+ else
+ {
+ /* Test check- psa_read with PSA_NULL_HANDLE */
+ psa_read(PSA_NULL_HANDLE, 0, (void *)data, 0);
+
+ /* shouldn't have reached here */
+ val_print(PRINT_ERROR,
+ "\tpsa_read with NULL handle should failed but successed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ psa_reply(msg.handle, -4);
+ }
+ }
+
+ val_err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ status = ((val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ ? VAL_STATUS_ERROR : status);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i031/source.mk b/psa-ff/test_suites/ipc/test_i031/source.mk
new file mode 100644
index 0000000..ab357fb
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i031/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i031.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i031/test_entry.c b/psa-ff/test_suites/ipc/test_i031/test_entry.c
new file mode 100644
index 0000000..eeb9f44
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i031/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i031.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 31)
+#define TEST_DESC "Testing psa_read with invalid handle\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i031_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i031/test_i031.c b/psa-ff/test_suites/ipc/test_i031/test_i031.c
new file mode 100644
index 0000000..d802d18
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i031/test_i031.c
@@ -0,0 +1,60 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i031.h"
+
+client_test_t test_i031_client_tests_list[] = {
+ NULL,
+ client_test_psa_read_with_invalid_handle,
+ NULL,
+};
+
+int32_t client_test_psa_read_with_invalid_handle(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call;
+
+ val->print(PRINT_TEST,
+ "[Check1] Test psa_read with invalid handle\n", 0);
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ if (handle < 0)
+ {
+ val->print(PRINT_ERROR, "\tConnection failed\n", 0);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but successed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ psa->close(handle);
+ (void)(status_of_call);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i031/test_i031.h b/psa-ff/test_suites/ipc/test_i031/test_i031.h
new file mode 100644
index 0000000..1ba26dd
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i031/test_i031.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST031_CLIENT_TESTS_H_
+#define _TEST031_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i031_client_tests_list[];
+
+int32_t client_test_psa_read_with_invalid_handle(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i031/test_supp_i031.c b/psa-ff/test_suites/ipc/test_i031/test_supp_i031.c
new file mode 100644
index 0000000..3b41ba1
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i031/test_supp_i031.c
@@ -0,0 +1,97 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+#define NUM_OF_BYTES 4
+
+int32_t server_test_psa_read_with_invalid_handle(void);
+
+server_test_t test_i031_server_tests_list[] = {
+ NULL,
+ server_test_psa_read_with_invalid_handle,
+ NULL,
+};
+
+int32_t server_test_psa_read_with_invalid_handle(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ uint8_t data[NUM_OF_BYTES] = {0};
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ status = val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa_reply(msg.handle, -2);
+ }
+ else
+ {
+ /* Setting boot.state before test check */
+ status = val_set_boot_flag(BOOT_EXPECTED_NS);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa_reply(msg.handle, -3);
+ }
+ else
+ {
+ /* Test check- psa_read with INVALID_HANDLE */
+ psa_read(INVALID_HANDLE, 0, (void *)data, 0);
+
+ /* shouldn't have reached here */
+ val_print(PRINT_ERROR,
+ "\tpsa_read with invalid handle should failed but successed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ psa_reply(msg.handle, -4);
+ }
+ }
+
+ val_err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ status = ((val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ ? VAL_STATUS_ERROR : status);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i032/source.mk b/psa-ff/test_suites/ipc/test_i032/source.mk
new file mode 100644
index 0000000..7375635
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i032/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i032.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i032/test_entry.c b/psa-ff/test_suites/ipc/test_i032/test_entry.c
new file mode 100644
index 0000000..6e3826a
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i032/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i032.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 32)
+#define TEST_DESC "Testing psa_read with invec_idx=PSA_MAX_IOVEC\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i032_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i032/test_i032.c b/psa-ff/test_suites/ipc/test_i032/test_i032.c
new file mode 100644
index 0000000..f8b7adc
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i032/test_i032.c
@@ -0,0 +1,60 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i032.h"
+
+client_test_t test_i032_client_tests_list[] = {
+ NULL,
+ client_test_psa_read_with_invec_equal_to_max_iovec,
+ NULL,
+};
+
+int32_t client_test_psa_read_with_invec_equal_to_max_iovec(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call;
+
+ val->print(PRINT_TEST,
+ "[Check1] Test psa_read with invec_idx=PSA_MAX_IOVEC\n", 0);
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ if (handle < 0)
+ {
+ val->print(PRINT_ERROR, "\tConnection failed\n", 0);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but successed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ psa->close(handle);
+ (void)(status_of_call);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i032/test_i032.h b/psa-ff/test_suites/ipc/test_i032/test_i032.h
new file mode 100644
index 0000000..f82a29d
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i032/test_i032.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST032_CLIENT_TESTS_H_
+#define _TEST032_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i032_client_tests_list[];
+
+int32_t client_test_psa_read_with_invec_equal_to_max_iovec(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i032/test_supp_i032.c b/psa-ff/test_suites/ipc/test_i032/test_supp_i032.c
new file mode 100644
index 0000000..941615c
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i032/test_supp_i032.c
@@ -0,0 +1,97 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+#define NUM_OF_BYTES 4
+
+int32_t server_test_psa_read_with_invec_equal_to_max_iovec(void);
+
+server_test_t test_i032_server_tests_list[] = {
+ NULL,
+ server_test_psa_read_with_invec_equal_to_max_iovec,
+ NULL,
+};
+
+int32_t server_test_psa_read_with_invec_equal_to_max_iovec(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ uint8_t data[NUM_OF_BYTES] = {0};
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ status = val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa_reply(msg.handle, -2);
+ }
+ else
+ {
+ /* Setting boot.state before test check */
+ status = val_set_boot_flag(BOOT_EXPECTED_NS);
+ if(val_err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa_reply(msg.handle, -3);
+ }
+ else
+ {
+ /* Test check- psa_read with invec_idx=PSA_MAX_IOVEC */
+ psa_read(msg.handle, PSA_MAX_IOVEC, (void *)data, 0);
+
+ /* shouldn't have reached here */
+ val_print(PRINT_ERROR,
+ "\tpsa_read with invec_idx=PSA_MAX_IOVEC should failed but successed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+ status = VAL_STATUS_SPM_FAILED;
+ psa_reply(msg.handle, -4);
+
+ }
+ }
+
+ val_err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ status = ((val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ ? VAL_STATUS_ERROR : status);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i033/source.mk b/psa-ff/test_suites/ipc/test_i033/source.mk
new file mode 100644
index 0000000..fbacde7
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i033/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i033.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i033/test_entry.c b/psa-ff/test_suites/ipc/test_i033/test_entry.c
new file mode 100644
index 0000000..75af2bf
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i033/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i033.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 33)
+#define TEST_DESC "Testing psa_read with invec_idx > PSA_MAX_IOVEC\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i033_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i033/test_i033.c b/psa-ff/test_suites/ipc/test_i033/test_i033.c
new file mode 100644
index 0000000..4eed653
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i033/test_i033.c
@@ -0,0 +1,60 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i033.h"
+
+client_test_t test_i033_client_tests_list[] = {
+ NULL,
+ client_test_psa_read_with_invec_greater_than_max_iovec,
+ NULL,
+};
+
+int32_t client_test_psa_read_with_invec_greater_than_max_iovec(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call;
+
+ val->print(PRINT_TEST,
+ "[Check1] Test psa_read with invec_idx > PSA_MAX_IOVEC\n", 0);
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ if (handle < 0)
+ {
+ val->print(PRINT_ERROR, "\tConnection failed\n", 0);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but successed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ psa->close(handle);
+ (void)(status_of_call);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i033/test_i033.h b/psa-ff/test_suites/ipc/test_i033/test_i033.h
new file mode 100644
index 0000000..856d577
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i033/test_i033.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST033_CLIENT_TESTS_H_
+#define _TEST033_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i033_client_tests_list[];
+
+int32_t client_test_psa_read_with_invec_greater_than_max_iovec(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i033/test_supp_i033.c b/psa-ff/test_suites/ipc/test_i033/test_supp_i033.c
new file mode 100644
index 0000000..70f9308
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i033/test_supp_i033.c
@@ -0,0 +1,97 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+#define NUM_OF_BYTES 4
+
+int32_t server_test_psa_read_with_invec_greater_than_max_iovec(void);
+
+server_test_t test_i033_server_tests_list[] = {
+ NULL,
+ server_test_psa_read_with_invec_greater_than_max_iovec,
+ NULL,
+};
+
+int32_t server_test_psa_read_with_invec_greater_than_max_iovec(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ uint8_t data[NUM_OF_BYTES] = {0};
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ status = val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa_reply(msg.handle, -2);
+ }
+ else
+ {
+ /* Setting boot.state before test check */
+ status = val_set_boot_flag(BOOT_EXPECTED_NS);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa_reply(msg.handle, -3);
+ }
+ else
+ {
+ /* Test check- psa_read with invec_idx > PSA_MAX_IOVEC */
+ psa_read(msg.handle, PSA_MAX_IOVEC + 1, (void *)data, 0);
+
+ /* shouldn't have reached here */
+ val_print(PRINT_ERROR,
+ "\tpsa_read with invec_idx > PSA_MAX_IOVEC should failed but successed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ psa_reply(msg.handle, -4);
+ }
+ }
+
+ val_err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ status = ((val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ ? VAL_STATUS_ERROR : status);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i034/source.mk b/psa-ff/test_suites/ipc/test_i034/source.mk
new file mode 100644
index 0000000..752c27e
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i034/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i034.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i034/test_entry.c b/psa-ff/test_suites/ipc/test_i034/test_entry.c
new file mode 100644
index 0000000..6538f41
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i034/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i034.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 34)
+#define TEST_DESC "Testing psa_skip at PSA_IPC_CONNECT\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i034_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i034/test_i034.c b/psa-ff/test_suites/ipc/test_i034/test_i034.c
new file mode 100644
index 0000000..4fa1bbe
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i034/test_i034.c
@@ -0,0 +1,47 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i034.h"
+
+client_test_t test_i034_client_tests_list[] = {
+ NULL,
+ client_test_psa_skip_at_ipc_connect,
+ NULL,
+};
+
+int32_t client_test_psa_skip_at_ipc_connect(security_t caller)
+{
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check1] Test psa_skip at PSA_IPC_CONNECT\n", 0);
+
+ handle = psa->connect(SERVER_RELAX_MINOR_VERSION_SID, 1);
+
+ /* Shouldn't have reached here */
+ val->print(PRINT_ERROR, "\tConnection should have failed but succeeded\n", 0);
+
+ (void)(handle);
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/psa-ff/test_suites/ipc/test_i034/test_i034.h b/psa-ff/test_suites/ipc/test_i034/test_i034.h
new file mode 100644
index 0000000..bc119be
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i034/test_i034.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST034_CLIENT_TESTS_H_
+#define _TEST034_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i034_client_tests_list[];
+
+int32_t client_test_psa_skip_at_ipc_connect(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i034/test_supp_i034.c b/psa-ff/test_suites/ipc/test_i034/test_supp_i034.c
new file mode 100644
index 0000000..6f98c12
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i034/test_supp_i034.c
@@ -0,0 +1,76 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_skip_at_ipc_connect(void);
+
+server_test_t test_i034_server_tests_list[] = {
+ NULL,
+ server_test_psa_skip_at_ipc_connect,
+ NULL,
+};
+
+int32_t server_test_psa_skip_at_ipc_connect(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ status = val_process_connect_request(SERVER_RELAX_MINOR_VERSION_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ /* Setting boot.state before test check */
+ status = val_set_boot_flag(BOOT_EXPECTED_NS);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ /* Test check- psa_skip at PSA_IPC_CONNECT */
+ psa_skip(msg.handle, 0, 0);
+
+ /* Shouldn't have reached here */
+ val_print(PRINT_ERROR,"\tpsa_skip should failed but successed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return VAL_STATUS_INVALID;
+}
diff --git a/psa-ff/test_suites/ipc/test_i035/source.mk b/psa-ff/test_suites/ipc/test_i035/source.mk
new file mode 100644
index 0000000..a542e1c
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i035/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i035.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i035/test_entry.c b/psa-ff/test_suites/ipc/test_i035/test_entry.c
new file mode 100644
index 0000000..be5041b
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i035/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i035.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 35)
+#define TEST_DESC "Testing psa_skip at PSA_IPC_DISCONNECT\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i035_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i035/test_i035.c b/psa-ff/test_suites/ipc/test_i035/test_i035.c
new file mode 100644
index 0000000..11c58de
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i035/test_i035.c
@@ -0,0 +1,50 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i035.h"
+
+client_test_t test_i035_client_tests_list[] = {
+ NULL,
+ client_test_psa_skip_at_ipc_disconnect,
+ NULL,
+};
+
+int32_t client_test_psa_skip_at_ipc_disconnect(security_t caller)
+{
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check1] Test psa_skip at PSA_IPC_DISCONNECT\n", 0);
+
+ handle = psa->connect(SERVER_RELAX_MINOR_VERSION_SID, 1);
+ if (handle > 0)
+ {
+ psa->close(handle);
+ }
+
+ /* Shouldn't have reached here */
+ val->print(PRINT_ERROR, "\tCheck for psa_skip at PSA_IPC_DISCONNECT failed\n", 0);
+
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/psa-ff/test_suites/ipc/test_i035/test_i035.h b/psa-ff/test_suites/ipc/test_i035/test_i035.h
new file mode 100644
index 0000000..dca0f6d
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i035/test_i035.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST035_CLIENT_TESTS_H_
+#define _TEST035_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i035_client_tests_list[];
+
+int32_t client_test_psa_skip_at_ipc_disconnect(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i035/test_supp_i035.c b/psa-ff/test_suites/ipc/test_i035/test_supp_i035.c
new file mode 100644
index 0000000..1bec82b
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i035/test_supp_i035.c
@@ -0,0 +1,82 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_skip_at_ipc_disconnect();
+
+server_test_t test_i035_server_tests_list[] = {
+ NULL,
+ server_test_psa_skip_at_ipc_disconnect,
+ NULL,
+};
+
+int32_t server_test_psa_skip_at_ipc_disconnect()
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ status = val_process_connect_request(SERVER_RELAX_MINOR_VERSION_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ status = val_process_disconnect_request(SERVER_RELAX_MINOR_VERSION_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return status;
+ }
+
+ status = val_set_boot_flag(BOOT_EXPECTED_NS);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return status;
+ }
+
+ /* Test check- psa_skip at PSA_IPC_DISCONNECT */
+ psa_skip(msg.handle, 0, 0);
+
+ /* Shouldn't have reached here */
+ val_print(PRINT_ERROR,"\tpsa_skip should failed but successed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return VAL_STATUS_INVALID;
+}
diff --git a/psa-ff/test_suites/ipc/test_i036/source.mk b/psa-ff/test_suites/ipc/test_i036/source.mk
new file mode 100644
index 0000000..0a4b4ea
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i036/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i036.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i036/test_entry.c b/psa-ff/test_suites/ipc/test_i036/test_entry.c
new file mode 100644
index 0000000..590cea3
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i036/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i036.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 36)
+#define TEST_DESC "Testing psa_skip with NULL handle\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i036_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i036/test_i036.c b/psa-ff/test_suites/ipc/test_i036/test_i036.c
new file mode 100644
index 0000000..9945161
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i036/test_i036.c
@@ -0,0 +1,60 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i036.h"
+
+client_test_t test_i036_client_tests_list[] = {
+ NULL,
+ client_test_psa_skip_with_null_handle,
+ NULL,
+};
+
+int32_t client_test_psa_skip_with_null_handle(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call;
+
+ val->print(PRINT_TEST,
+ "[Check1] Test psa_skip with NULL handle\n", 0);
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ if (handle < 0)
+ {
+ val->print(PRINT_ERROR, "\tConnection failed\n", 0);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but successed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ psa->close(handle);
+ (void)(status_of_call);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i036/test_i036.h b/psa-ff/test_suites/ipc/test_i036/test_i036.h
new file mode 100644
index 0000000..84fa920
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i036/test_i036.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST036_CLIENT_TESTS_H_
+#define _TEST036_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i036_client_tests_list[];
+
+int32_t client_test_psa_skip_with_null_handle(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i036/test_supp_i036.c b/psa-ff/test_suites/ipc/test_i036/test_supp_i036.c
new file mode 100644
index 0000000..e703995
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i036/test_supp_i036.c
@@ -0,0 +1,94 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_skip_with_null_handle(void);
+
+server_test_t test_i036_server_tests_list[] = {
+ NULL,
+ server_test_psa_skip_with_null_handle,
+ NULL,
+};
+
+int32_t server_test_psa_skip_with_null_handle(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if(val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ status = val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if(val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa_reply(msg.handle, -2);
+ }
+ else
+ {
+ /* Setting boot.state before test check */
+ status = val_set_boot_flag(BOOT_EXPECTED_NS);
+ if(val_err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa_reply(msg.handle, -3);
+ }
+ else
+ {
+ /* Test check- psa_skip with PSA_NULL_HANDLE */
+ psa_skip(PSA_NULL_HANDLE, 0, 0);
+
+ /* shouldn't have reached here */
+ val_print(PRINT_ERROR,
+ "\tpsa_skip with NULL handle should failed but successed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ psa_reply(msg.handle, -4);
+ }
+ }
+
+ val_err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ status = ((val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ ? VAL_STATUS_ERROR : status);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i037/source.mk b/psa-ff/test_suites/ipc/test_i037/source.mk
new file mode 100644
index 0000000..4bbadb1
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i037/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i037.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i037/test_entry.c b/psa-ff/test_suites/ipc/test_i037/test_entry.c
new file mode 100644
index 0000000..65d9588
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i037/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i037.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 37)
+#define TEST_DESC "Testing psa_skip with invalid handle\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i037_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i037/test_i037.c b/psa-ff/test_suites/ipc/test_i037/test_i037.c
new file mode 100644
index 0000000..537e525
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i037/test_i037.c
@@ -0,0 +1,60 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i037.h"
+
+client_test_t test_i037_client_tests_list[] = {
+ NULL,
+ client_test_psa_skip_with_invalid_handle,
+ NULL,
+};
+
+int32_t client_test_psa_skip_with_invalid_handle(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call;
+
+ val->print(PRINT_TEST,
+ "[Check1] Test psa_skip with invalid handle\n", 0);
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ if (handle < 0)
+ {
+ val->print(PRINT_ERROR, "\tConnection failed\n", 0);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but successed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ psa->close(handle);
+ (void)(status_of_call);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i037/test_i037.h b/psa-ff/test_suites/ipc/test_i037/test_i037.h
new file mode 100644
index 0000000..a9ba9ef
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i037/test_i037.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST037_CLIENT_TESTS_H_
+#define _TEST037_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i037_client_tests_list[];
+
+int32_t client_test_psa_skip_with_invalid_handle(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i037/test_supp_i037.c b/psa-ff/test_suites/ipc/test_i037/test_supp_i037.c
new file mode 100644
index 0000000..870be92
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i037/test_supp_i037.c
@@ -0,0 +1,82 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_skip_with_invalid_handle(void);
+
+server_test_t test_i037_server_tests_list[] = {
+ NULL,
+ server_test_psa_skip_with_invalid_handle,
+ NULL,
+};
+
+int32_t server_test_psa_skip_with_invalid_handle(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ status = val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa_reply(msg.handle, -2);
+ }
+ else
+ {
+ /* Setting boot.state before test check */
+ status = val_set_boot_flag(BOOT_EXPECTED_NS);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa_reply(msg.handle, -3);
+ }
+ else
+ {
+ /* Test check- psa_skip with INVALID_HANDLE */
+ psa_skip(INVALID_HANDLE, 0, 0);
+
+ /* shouldn't have reached here */
+ val_print(PRINT_ERROR,
+ "\tpsa_skip with invalid handle should failed but successed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ status = VAL_STATUS_SPM_FAILED;
+ psa_reply(msg.handle, -4);
+ }
+ }
+
+ val_err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ status = ((val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ ? VAL_STATUS_ERROR : status);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i038/source.mk b/psa-ff/test_suites/ipc/test_i038/source.mk
new file mode 100644
index 0000000..11f06d3
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i038/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i038.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i038/test_entry.c b/psa-ff/test_suites/ipc/test_i038/test_entry.c
new file mode 100644
index 0000000..4ab3858
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i038/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i038.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 38)
+#define TEST_DESC "Testing psa_skip with invec_idx=PSA_MAX_IOVEC\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i038_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i038/test_i038.c b/psa-ff/test_suites/ipc/test_i038/test_i038.c
new file mode 100644
index 0000000..468d106
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i038/test_i038.c
@@ -0,0 +1,60 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i038.h"
+
+client_test_t test_i038_client_tests_list[] = {
+ NULL,
+ client_test_psa_skip_with_invec_equal_to_max_iovec,
+ NULL,
+};
+
+int32_t client_test_psa_skip_with_invec_equal_to_max_iovec(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call;
+
+ val->print(PRINT_TEST,
+ "[Check1] Test psa_skip with invec_idx=PSA_MAX_IOVEC\n", 0);
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ if (handle < 0)
+ {
+ val->print(PRINT_ERROR, "\tConnection failed\n", 0);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but successed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ psa->close(handle);
+ (void)(status_of_call);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i038/test_i038.h b/psa-ff/test_suites/ipc/test_i038/test_i038.h
new file mode 100644
index 0000000..8db4d4e
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i038/test_i038.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST038_CLIENT_TESTS_H_
+#define _TEST038_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i038_client_tests_list[];
+
+int32_t client_test_psa_skip_with_invec_equal_to_max_iovec(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i038/test_supp_i038.c b/psa-ff/test_suites/ipc/test_i038/test_supp_i038.c
new file mode 100644
index 0000000..536af3a
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i038/test_supp_i038.c
@@ -0,0 +1,96 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_skip_with_invec_equal_to_max_iovec(void);
+
+server_test_t test_i038_server_tests_list[] = {
+ NULL,
+ server_test_psa_skip_with_invec_equal_to_max_iovec,
+ NULL,
+};
+
+int32_t server_test_psa_skip_with_invec_equal_to_max_iovec(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ status = val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa_reply(msg.handle, -2);
+ }
+ else
+ {
+ /* Setting boot.state before test check */
+ status = val_set_boot_flag(BOOT_EXPECTED_NS);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa_reply(msg.handle, -3);
+ }
+ else
+ {
+ /* Test check- psa_skip with invec_idx=PSA_MAX_IOVEC */
+ psa_skip(msg.handle, PSA_MAX_IOVEC, 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ /* shouldn't have reached here */
+ val_print(PRINT_ERROR,
+ "\tpsa_skip with invec_idx=PSA_MAX_IOVEC should failed but successed\n", 0);
+
+ psa_reply(msg.handle, -4);
+
+ }
+ }
+
+ val_err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ status = ((val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ ? VAL_STATUS_ERROR : status);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i039/source.mk b/psa-ff/test_suites/ipc/test_i039/source.mk
new file mode 100644
index 0000000..957fcf6
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i039/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i039.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i039/test_entry.c b/psa-ff/test_suites/ipc/test_i039/test_entry.c
new file mode 100644
index 0000000..125452a
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i039/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i039.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 39)
+#define TEST_DESC "Testing psa_skip with invec_idx > PSA_MAX_IOVEC\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i039_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i039/test_i039.c b/psa-ff/test_suites/ipc/test_i039/test_i039.c
new file mode 100644
index 0000000..b2f4de4
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i039/test_i039.c
@@ -0,0 +1,60 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i039.h"
+
+client_test_t test_i039_client_tests_list[] = {
+ NULL,
+ client_test_psa_skip_with_invec_greater_than_max_iovec,
+ NULL,
+};
+
+int32_t client_test_psa_skip_with_invec_greater_than_max_iovec(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call;
+
+ val->print(PRINT_TEST,
+ "[Check1] Test psa_skip with invec_idx > PSA_MAX_IOVEC\n", 0);
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ if (handle < 0)
+ {
+ val->print(PRINT_ERROR, "\tConnection failed\n", 0);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but successed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ psa->close(handle);
+ (void)(status_of_call);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i039/test_i039.h b/psa-ff/test_suites/ipc/test_i039/test_i039.h
new file mode 100644
index 0000000..3699249
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i039/test_i039.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST039_CLIENT_TESTS_H_
+#define _TEST039_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i039_client_tests_list[];
+
+int32_t client_test_psa_skip_with_invec_greater_than_max_iovec(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i039/test_supp_i039.c b/psa-ff/test_suites/ipc/test_i039/test_supp_i039.c
new file mode 100644
index 0000000..58ee41e
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i039/test_supp_i039.c
@@ -0,0 +1,96 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_skip_with_invec_greater_than_max_iovec(void);
+
+server_test_t test_i039_server_tests_list[] = {
+ NULL,
+ server_test_psa_skip_with_invec_greater_than_max_iovec,
+ NULL,
+};
+
+int32_t server_test_psa_skip_with_invec_greater_than_max_iovec(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ status = val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa_reply(msg.handle, -2);
+ }
+ else
+ {
+ /* Setting boot.state before test check */
+ status = val_set_boot_flag(BOOT_EXPECTED_NS);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa_reply(msg.handle, -3);
+ }
+ else
+ {
+ /* Test check- psa_skip with invec_idx > PSA_MAX_IOVEC */
+ psa_skip(msg.handle, PSA_MAX_IOVEC + 1, 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ /* shouldn't have reached here */
+ val_print(PRINT_ERROR,
+ "\tpsa_skip with invec_idx > PSA_MAX_IOVEC should failed but successed\n", 0);
+
+ psa_reply(msg.handle, -4);
+
+ }
+ }
+
+ val_err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ status = ((val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ ? VAL_STATUS_ERROR : status);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i040/source.mk b/psa-ff/test_suites/ipc/test_i040/source.mk
new file mode 100644
index 0000000..c3f25df
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i040/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i040.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i040/test_entry.c b/psa-ff/test_suites/ipc/test_i040/test_entry.c
new file mode 100644
index 0000000..ceb1e31
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i040/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i040.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 40)
+#define TEST_DESC "Testing psa_write at PSA_IPC_CONNECT\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i040_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i040/test_i040.c b/psa-ff/test_suites/ipc/test_i040/test_i040.c
new file mode 100644
index 0000000..0592200
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i040/test_i040.c
@@ -0,0 +1,47 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i040.h"
+
+client_test_t test_i040_client_tests_list[] = {
+ NULL,
+ client_test_psa_write_at_ipc_connect,
+ NULL,
+};
+
+int32_t client_test_psa_write_at_ipc_connect(security_t caller)
+{
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check1] Test psa_write at PSA_IPC_CONNECT\n", 0);
+
+ handle = psa->connect(SERVER_RELAX_MINOR_VERSION_SID, 1);
+
+ /* Shouldn't have reached here */
+ val->print(PRINT_ERROR, "\tConnection should have failed but succeeded\n", 0);
+
+ (void)(handle);
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/psa-ff/test_suites/ipc/test_i040/test_i040.h b/psa-ff/test_suites/ipc/test_i040/test_i040.h
new file mode 100644
index 0000000..610bbf4
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i040/test_i040.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST040_CLIENT_TESTS_H_
+#define _TEST040_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i040_client_tests_list[];
+
+int32_t client_test_psa_write_at_ipc_connect(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i040/test_supp_i040.c b/psa-ff/test_suites/ipc/test_i040/test_supp_i040.c
new file mode 100644
index 0000000..47433c3
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i040/test_supp_i040.c
@@ -0,0 +1,79 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+#define NUM_OF_BYTES 4
+
+int32_t server_test_psa_write_at_ipc_connect(void);
+
+server_test_t test_i040_server_tests_list[] = {
+ NULL,
+ server_test_psa_write_at_ipc_connect,
+ NULL,
+};
+
+int32_t server_test_psa_write_at_ipc_connect(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ uint8_t data[NUM_OF_BYTES] = {0};
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ status = val_process_connect_request(SERVER_RELAX_MINOR_VERSION_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ /* Setting boot.state before test check */
+ status = val_set_boot_flag(BOOT_EXPECTED_NS);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ /* Test check- psa_write at PSA_IPC_CONNECT */
+ psa_write(msg.handle, 0, (void *)data, 0);
+
+ /* Shouldn't have reached here */
+ val_print(PRINT_ERROR,"\tpsa_write should failed but successed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return VAL_STATUS_INVALID;
+}
diff --git a/psa-ff/test_suites/ipc/test_i041/source.mk b/psa-ff/test_suites/ipc/test_i041/source.mk
new file mode 100644
index 0000000..a77fe79
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i041/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i041.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i041/test_entry.c b/psa-ff/test_suites/ipc/test_i041/test_entry.c
new file mode 100644
index 0000000..b9923d3
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i041/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i041.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 41)
+#define TEST_DESC "Testing psa_write at PSA_IPC_DISCONNECT\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i041_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i041/test_i041.c b/psa-ff/test_suites/ipc/test_i041/test_i041.c
new file mode 100644
index 0000000..289fbf6
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i041/test_i041.c
@@ -0,0 +1,50 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i041.h"
+
+client_test_t test_i041_client_tests_list[] = {
+ NULL,
+ client_test_psa_write_at_ipc_disconnect,
+ NULL,
+};
+
+int32_t client_test_psa_write_at_ipc_disconnect(security_t caller)
+{
+ psa_handle_t handle = 0;
+
+ val->print(PRINT_TEST, "[Check1] Test psa_write at PSA_IPC_DISCONNECT\n", 0);
+
+ handle = psa->connect(SERVER_RELAX_MINOR_VERSION_SID, 1);
+ if (handle > 0)
+ {
+ psa->close(handle);
+ }
+
+ /* Shouldn't have reached here */
+ val->print(PRINT_ERROR, "\tCheck for psa_write at PSA_IPC_DISCONNECT failed\n", 0);
+
+ return VAL_STATUS_SPM_FAILED;
+}
diff --git a/psa-ff/test_suites/ipc/test_i041/test_i041.h b/psa-ff/test_suites/ipc/test_i041/test_i041.h
new file mode 100644
index 0000000..677585f
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i041/test_i041.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST041_CLIENT_TESTS_H_
+#define _TEST041_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i041_client_tests_list[];
+
+int32_t client_test_psa_write_at_ipc_disconnect(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i041/test_supp_i041.c b/psa-ff/test_suites/ipc/test_i041/test_supp_i041.c
new file mode 100644
index 0000000..ed48377
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i041/test_supp_i041.c
@@ -0,0 +1,86 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+#define NUM_OF_BYTES 4
+
+int32_t server_test_psa_write_at_ipc_disconnect(void);
+
+server_test_t test_i041_server_tests_list[] = {
+ NULL,
+ server_test_psa_write_at_ipc_disconnect,
+ NULL,
+};
+
+int32_t server_test_psa_write_at_ipc_disconnect(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ uint8_t data[NUM_OF_BYTES] = {0};
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ status = val_process_connect_request(SERVER_RELAX_MINOR_VERSION_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ status = val_process_disconnect_request(SERVER_RELAX_MINOR_VERSION_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return status;
+ }
+
+ /* Setting boot.state before test check */
+ status = val_set_boot_flag(BOOT_EXPECTED_NS);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return status;
+ }
+
+ /* Test check- psa_write at PSA_IPC_DISCONNECT */
+ psa_write(msg.handle, 0, (void *)data, 0);
+
+ /* Shouldn't have reached here */
+ val_print(PRINT_ERROR,"\tpsa_write should failed but successed\n", 0);
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return VAL_STATUS_INVALID;
+}
diff --git a/psa-ff/test_suites/ipc/test_i042/source.mk b/psa-ff/test_suites/ipc/test_i042/source.mk
new file mode 100644
index 0000000..3ea94ee
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i042/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i042.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i042/test_entry.c b/psa-ff/test_suites/ipc/test_i042/test_entry.c
new file mode 100644
index 0000000..b71eaea
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i042/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i042.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 42)
+#define TEST_DESC "Testing psa_write with NULL handle\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i042_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i042/test_i042.c b/psa-ff/test_suites/ipc/test_i042/test_i042.c
new file mode 100644
index 0000000..ff56a63
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i042/test_i042.c
@@ -0,0 +1,60 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i042.h"
+
+client_test_t test_i042_client_tests_list[] = {
+ NULL,
+ client_test_psa_write_with_null_handle,
+ NULL,
+};
+
+int32_t client_test_psa_write_with_null_handle(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call;
+
+ val->print(PRINT_TEST,
+ "[Check1] Test psa_write with NULL handle\n", 0);
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ if (handle < 0)
+ {
+ val->print(PRINT_ERROR, "\tConnection failed\n", 0);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but successed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ psa->close(handle);
+ (void)(status_of_call);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i042/test_i042.h b/psa-ff/test_suites/ipc/test_i042/test_i042.h
new file mode 100644
index 0000000..86de5d5
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i042/test_i042.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST042_CLIENT_TESTS_H_
+#define _TEST042_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i042_client_tests_list[];
+
+int32_t client_test_psa_write_with_null_handle(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i042/test_supp_i042.c b/psa-ff/test_suites/ipc/test_i042/test_supp_i042.c
new file mode 100644
index 0000000..712791e
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i042/test_supp_i042.c
@@ -0,0 +1,82 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+int32_t server_test_psa_write_with_null_handle();
+
+server_test_t test_i042_server_tests_list[] = {
+ NULL,
+ server_test_psa_write_with_null_handle,
+ NULL,
+};
+
+int32_t server_test_psa_write_with_null_handle()
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ uint8_t data[4] = {0};
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if(val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ status = val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if(val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa_reply(msg.handle, -2);
+ }
+ else
+ {
+ /* Set boot flag to BOOT_EXPECTED_* to indicate- test is targeting
+ fatal error condition and test will expect error recovery to happen */
+ status = val_set_boot_flag(BOOT_EXPECTED_NS);
+ if(val_err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ psa_reply(msg.handle, -3);
+ }
+ else
+ {
+ /*psa_write with PSA_NULL_HANDLE */
+ psa_write(PSA_NULL_HANDLE, 0, (void *)data, 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ /* Resetting boot.state to catch unwanted reboot */
+ val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED);
+
+ /* shouldn't have reached here */
+ val_print(PRINT_ERROR,
+ "\tpsa_write with NULL handle should failed but successed\n", 0);
+
+ psa_reply(msg.handle, -4);
+
+ }
+ }
+
+ val_err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ status = ((val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ ? VAL_STATUS_ERROR : status);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i043/source.mk b/psa-ff/test_suites/ipc/test_i043/source.mk
new file mode 100644
index 0000000..889842a
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i043/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i043.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i043/test_entry.c b/psa-ff/test_suites/ipc/test_i043/test_entry.c
new file mode 100644
index 0000000..871ee93
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i043/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i043.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 43)
+#define TEST_DESC "Testing psa_write with invalid handle\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i043_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i043/test_i043.c b/psa-ff/test_suites/ipc/test_i043/test_i043.c
new file mode 100644
index 0000000..24ee058
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i043/test_i043.c
@@ -0,0 +1,60 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i043.h"
+
+client_test_t test_i043_client_tests_list[] = {
+ NULL,
+ client_test_psa_write_with_invalid_handle,
+ NULL,
+};
+
+int32_t client_test_psa_write_with_invalid_handle(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call;
+
+ val->print(PRINT_TEST,
+ "[Check1] Test psa_write with invalid handle\n", 0);
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ if (handle < 0)
+ {
+ val->print(PRINT_ERROR, "\tConnection failed\n", 0);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but successed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ psa->close(handle);
+ (void)(status_of_call);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i043/test_i043.h b/psa-ff/test_suites/ipc/test_i043/test_i043.h
new file mode 100644
index 0000000..74d19e1
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i043/test_i043.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST043_CLIENT_TESTS_H_
+#define _TEST043_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i043_client_tests_list[];
+
+int32_t client_test_psa_write_with_invalid_handle(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i043/test_supp_i043.c b/psa-ff/test_suites/ipc/test_i043/test_supp_i043.c
new file mode 100644
index 0000000..04053f2
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i043/test_supp_i043.c
@@ -0,0 +1,98 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+#define NUM_OF_BYTES 4
+
+int32_t server_test_psa_write_with_invalid_handle(void);
+
+server_test_t test_i043_server_tests_list[] = {
+ NULL,
+ server_test_psa_write_with_invalid_handle,
+ NULL,
+};
+
+int32_t server_test_psa_write_with_invalid_handle(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ uint8_t data[NUM_OF_BYTES] = {0};
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ status = val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa_reply(msg.handle, -2);
+ }
+ else
+ {
+ /* Setting boot.state before test check */
+ status = val_set_boot_flag(BOOT_EXPECTED_NS);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa_reply(msg.handle, -3);
+ }
+ else
+ {
+ /* Test check- psa_write with INVALID_HANDLE */
+ psa_write(INVALID_HANDLE, 0, (void *)data, 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ /* shouldn't have reached here */
+ val_print(PRINT_ERROR,
+ "\tpsa_write with invalid handle should failed but successed\n", 0);
+
+ psa_reply(msg.handle, -4);
+ }
+ }
+
+ val_err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ status = ((val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ ? VAL_STATUS_ERROR : status);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i044/source.mk b/psa-ff/test_suites/ipc/test_i044/source.mk
new file mode 100644
index 0000000..31fa673
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i044/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i044.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i044/test_entry.c b/psa-ff/test_suites/ipc/test_i044/test_entry.c
new file mode 100644
index 0000000..212e4b3
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i044/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i044.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 44)
+#define TEST_DESC "Testing psa_write with invec_idx=PSA_MAX_IOVEC\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i044_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i044/test_i044.c b/psa-ff/test_suites/ipc/test_i044/test_i044.c
new file mode 100644
index 0000000..ff3962a
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i044/test_i044.c
@@ -0,0 +1,60 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i044.h"
+
+client_test_t test_i044_client_tests_list[] = {
+ NULL,
+ client_test_psa_write_with_invec_equal_to_max_iovec,
+ NULL,
+};
+
+int32_t client_test_psa_write_with_invec_equal_to_max_iovec(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call;
+
+ val->print(PRINT_TEST,
+ "[Check1] Test psa_write with invec_idx=PSA_MAX_IOVEC\n", 0);
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ if (handle < 0)
+ {
+ val->print(PRINT_ERROR, "\tConnection failed\n", 0);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but successed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ psa->close(handle);
+ (void)(status_of_call);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i044/test_i044.h b/psa-ff/test_suites/ipc/test_i044/test_i044.h
new file mode 100644
index 0000000..428350b
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i044/test_i044.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST044_CLIENT_TESTS_H_
+#define _TEST044_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i044_client_tests_list[];
+
+int32_t client_test_psa_write_with_invec_equal_to_max_iovec(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i044/test_supp_i044.c b/psa-ff/test_suites/ipc/test_i044/test_supp_i044.c
new file mode 100644
index 0000000..1219b5e
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i044/test_supp_i044.c
@@ -0,0 +1,86 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+#define NUM_OF_BYTES 4
+
+int32_t server_test_psa_write_with_invec_equal_to_max_iovec(void);
+
+server_test_t test_i044_server_tests_list[] = {
+ NULL,
+ server_test_psa_write_with_invec_equal_to_max_iovec,
+ NULL,
+};
+
+int32_t server_test_psa_write_with_invec_equal_to_max_iovec(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ uint8_t data[NUM_OF_BYTES] = {0};
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ status = val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa_reply(msg.handle, -2);
+ }
+ else
+ {
+ /* Setting boot.state before test check */
+ status = val_set_boot_flag(BOOT_EXPECTED_NS);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa_reply(msg.handle, -3);
+ }
+ else
+ {
+ /* Test check- psa_write with invec_idx=PSA_MAX_IOVEC */
+ psa_write(msg.handle, PSA_MAX_IOVEC, (void *)data, 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ /* shouldn't have reached here */
+ val_print(PRINT_ERROR,
+ "\tpsa_write with invec_idx=PSA_MAX_IOVEC should failed but successed\n", 0);
+
+ psa_reply(msg.handle, -4);
+ }
+ }
+
+ val_err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ status = ((val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ ? VAL_STATUS_ERROR : status);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i045/source.mk b/psa-ff/test_suites/ipc/test_i045/source.mk
new file mode 100644
index 0000000..81fa6db
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i045/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i045.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i045/test_entry.c b/psa-ff/test_suites/ipc/test_i045/test_entry.c
new file mode 100644
index 0000000..e57165c
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i045/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i045.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 45)
+#define TEST_DESC "Testing psa_write with invec_idx > PSA_MAX_IOVEC\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i045_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i045/test_i045.c b/psa-ff/test_suites/ipc/test_i045/test_i045.c
new file mode 100644
index 0000000..ba6a31c
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i045/test_i045.c
@@ -0,0 +1,60 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i045.h"
+
+client_test_t test_i045_client_tests_list[] = {
+ NULL,
+ client_test_psa_write_with_invec_greater_than_max_iovec,
+ NULL,
+};
+
+int32_t client_test_psa_write_with_invec_greater_than_max_iovec(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call;
+
+ val->print(PRINT_TEST,
+ "[Check1] Test psa_write with invec_idx > PSA_MAX_IOVEC\n", 0);
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ if (handle < 0)
+ {
+ val->print(PRINT_ERROR, "\tConnection failed\n", 0);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ status_of_call = psa->call(handle, NULL, 0, NULL, 0);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but successed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ psa->close(handle);
+ (void)(status_of_call);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i045/test_i045.h b/psa-ff/test_suites/ipc/test_i045/test_i045.h
new file mode 100644
index 0000000..19e3599
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i045/test_i045.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST045_CLIENT_TESTS_H_
+#define _TEST045_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i045_client_tests_list[];
+
+int32_t client_test_psa_write_with_invec_greater_than_max_iovec(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i045/test_supp_i045.c b/psa-ff/test_suites/ipc/test_i045/test_supp_i045.c
new file mode 100644
index 0000000..a16d5a7
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i045/test_supp_i045.c
@@ -0,0 +1,98 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+#define NUM_OF_BYTES 4
+
+int32_t server_test_psa_write_with_invec_greater_than_max_iovec(void);
+
+server_test_t test_i045_server_tests_list[] = {
+ NULL,
+ server_test_psa_write_with_invec_greater_than_max_iovec,
+ NULL,
+};
+
+int32_t server_test_psa_write_with_invec_greater_than_max_iovec(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ uint8_t data[NUM_OF_BYTES] = {0};
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ status = val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa_reply(msg.handle, -2);
+ }
+ else
+ {
+ /* Setting boot.state before test check */
+ status = val_set_boot_flag(BOOT_EXPECTED_NS);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa_reply(msg.handle, -3);
+ }
+ else
+ {
+ /* Test check- psa_write with invec_idx > PSA_MAX_IOVEC */
+ psa_write(msg.handle, PSA_MAX_IOVEC + 1, (void *)data, 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ /* shouldn't have reached here */
+ val_print(PRINT_ERROR,
+ "\tpsa_write with invec_idx > PSA_MAX_IOVEC should failed but successed\n", 0);
+
+ psa_reply(msg.handle, -4);
+ }
+ }
+
+ val_err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ status = ((val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ ? VAL_STATUS_ERROR : status);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i046/source.mk b/psa-ff/test_suites/ipc/test_i046/source.mk
new file mode 100644
index 0000000..994a7ac
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i046/source.mk
@@ -0,0 +1,20 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+CC_SOURCE = test_entry.c test_i046.c
+CC_OPTIONS =
+AS_SOURCE =
+AS_OPTIONS =
diff --git a/psa-ff/test_suites/ipc/test_i046/test_entry.c b/psa-ff/test_suites/ipc/test_i046/test_entry.c
new file mode 100644
index 0000000..aa29c11
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i046/test_entry.c
@@ -0,0 +1,51 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_interfaces.h"
+#include "val_target.h"
+#include "test_i046.h"
+
+#define TEST_NUM VAL_CREATE_TEST_ID(VAL_FF_BASE, 46)
+#define TEST_DESC "Testing psa_write with size overflow\n"
+TEST_PUBLISH(TEST_NUM, test_entry);
+val_api_t *val = NULL;
+psa_api_t *psa = NULL;
+
+void test_entry(val_api_t *val_api, psa_api_t *psa_api)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+
+ val = val_api;
+ psa = psa_api;
+
+ /* test init */
+ val->test_init(TEST_NUM, TEST_DESC, TEST_FIELD(TEST_ISOLATION_L1, WD_LOW_TIMEOUT));
+ if (!IS_TEST_START(val->get_status()))
+ {
+ goto test_exit;
+ }
+
+ /* Execute list of tests available in test[num]_client_tests_list from Non-secure side*/
+ status = val->execute_non_secure_tests(TEST_NUM, test_i046_client_tests_list, TRUE);
+ if (VAL_ERROR(status))
+ {
+ goto test_exit;
+ }
+
+test_exit:
+ val->test_exit();
+}
diff --git a/psa-ff/test_suites/ipc/test_i046/test_i046.c b/psa-ff/test_suites/ipc/test_i046/test_i046.c
new file mode 100644
index 0000000..23c192f
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i046/test_i046.c
@@ -0,0 +1,63 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val_interfaces.h"
+#include "val_target.h"
+#else
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+#endif
+
+#include "test_i046.h"
+
+client_test_t test_i046_client_tests_list[] = {
+ NULL,
+ client_test_psa_write_with_size_overflow,
+ NULL,
+};
+
+int32_t client_test_psa_write_with_size_overflow(security_t caller)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call;
+ uint8_t data = 0;
+
+ val->print(PRINT_TEST,
+ "[Check1] Test psa_write with size overflow\n", 0);
+
+ handle = psa->connect(SERVER_UNSPECIFED_MINOR_V_SID, 1);
+ if (handle < 0)
+ {
+ val->print(PRINT_ERROR, "\tConnection failed\n", 0);
+ return VAL_STATUS_INVALID_HANDLE;
+ }
+
+ psa_outvec resp = {&data, sizeof(data)};
+
+ status_of_call = psa->call(handle, NULL, 0, &resp, 1);
+
+ /* Expectation is server test should hang and control shouldn't have come here */
+ val->print(PRINT_ERROR, "\tCall should failed but successed\n", 0);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ psa->close(handle);
+ (void)(status_of_call);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/test_i046/test_i046.h b/psa-ff/test_suites/ipc/test_i046/test_i046.h
new file mode 100644
index 0000000..ae77109
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i046/test_i046.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _TEST046_CLIENT_TESTS_H_
+#define _TEST046_CLIENT_TESTS_H_
+
+#ifdef NONSECURE_TEST_BUILD
+#include "val.h"
+#else
+#include "val/common/val_client_defs.h"
+#endif
+
+extern val_api_t *val;
+extern psa_api_t *psa;
+
+extern client_test_t test_i046_client_tests_list[];
+
+int32_t client_test_psa_write_with_size_overflow(security_t);
+#endif
diff --git a/psa-ff/test_suites/ipc/test_i046/test_supp_i046.c b/psa-ff/test_suites/ipc/test_i046/test_supp_i046.c
new file mode 100644
index 0000000..c5db835
--- /dev/null
+++ b/psa-ff/test_suites/ipc/test_i046/test_supp_i046.c
@@ -0,0 +1,98 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+#define NUM_OF_BYTES 4
+
+int32_t server_test_psa_write_with_size_overflow(void);
+
+server_test_t test_i046_server_tests_list[] = {
+ NULL,
+ server_test_psa_write_with_size_overflow,
+ NULL,
+};
+
+int32_t server_test_psa_write_with_size_overflow(void)
+{
+ int32_t status = VAL_STATUS_SUCCESS;
+ psa_msg_t msg = {0};
+ uint8_t data[NUM_OF_BYTES] = {0};
+
+ /* Test is targeting fatal error condition and it will expect an error recovery(reboot)
+ * to happen. To decide, a reboot happened was intended as per test scenario or it happended
+ * due to other reasons, test is setting a boot signature into non-volatile memory before and
+ * after targeted test check. After a reboot, these boot signatures are being read by the
+ * VAL APIs to decide test status.
+ *
+ * Note: If SPM is not capable of rebooting (just hangs or power down) in fatal error condition,
+ * a watchdog timer enabled by val_test_init can reboot the system on timeout event.
+ * If programmed timeout value isn't sufficient for your system, it can be reconfigured using
+ * timeout entries available in target.cfg.
+ */
+
+ status = val_process_connect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(201), status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ return status;
+ }
+
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ status = val_process_call_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(202), status))
+ {
+ psa_reply(msg.handle, -2);
+ }
+ else
+ {
+ /* Setting boot.state before test check */
+ status = val_set_boot_flag(BOOT_EXPECTED_NS);
+ if (val_err_check_set(TEST_CHECKPOINT_NUM(203), status))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag before check\n", 0);
+ psa_reply(msg.handle, -3);
+ }
+ else
+ {
+ /* Test check- psa_write with size overflow */
+ psa_write(msg.handle, 0, (void *)data, msg.out_size[0]+1);
+
+ status = VAL_STATUS_SPM_FAILED;
+
+ /* Resetting boot.state to catch unwanted reboot */
+ if (val_set_boot_flag(BOOT_EXPECTED_BUT_FAILED))
+ {
+ val_print(PRINT_ERROR, "\tFailed to set boot flag after check\n", 0);
+ }
+
+ /* shouldn't have reached here */
+ val_print(PRINT_ERROR,
+ "\tpsa_write with size overflow should failed but successed\n", 0);
+
+ psa_reply(msg.handle, -4);
+ }
+ }
+
+ val_err_check_set(TEST_CHECKPOINT_NUM(204), status);
+ status = ((val_process_disconnect_request(SERVER_UNSPECIFED_MINOR_V_SIG, &msg))
+ ? VAL_STATUS_ERROR : status);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ return status;
+}
diff --git a/psa-ff/test_suites/ipc/testsuite.db b/psa-ff/test_suites/ipc/testsuite.db
new file mode 100644
index 0000000..ba07652
--- /dev/null
+++ b/psa-ff/test_suites/ipc/testsuite.db
@@ -0,0 +1,70 @@
+#/** @file
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+
+#List of tests to be compiled and run as part of IPC suite
+
+(START)
+
+test_i001
+test_i002
+test_i003
+test_i004
+test_i005
+test_i006
+test_i007
+test_i008
+test_i009
+test_i010
+test_i011
+test_i012
+test_i013
+test_i014
+test_i015
+test_i016
+test_i017
+test_i018
+test_i019
+test_i020
+test_i021
+test_i022
+test_i023
+test_i024
+test_i025
+test_i026
+test_i027
+test_i028
+test_i029
+test_i030
+test_i031
+test_i032
+test_i033
+test_i034
+test_i035
+test_i036
+test_i037
+test_i038
+test_i039
+test_i040
+test_i041
+test_i042
+test_i043
+test_i044
+test_i045
+test_i046
+
+(END)
diff --git a/psa-ff/test_suites/partition/common/driver_partition.c b/psa-ff/test_suites/partition/common/driver_partition.c
new file mode 100644
index 0000000..fa0d276
--- /dev/null
+++ b/psa-ff/test_suites/partition/common/driver_partition.c
@@ -0,0 +1,192 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val/spe/val_driver_service_apis.h"
+
+void driver_main(void)
+{
+ psa_signal_t signals = 0;
+ psa_msg_t msg = {0};
+ uint32_t verbosity = 0, data = 0, arg1=0;
+ nvmem_param_t nvmem_param;
+ char string[256] = {0};
+ uint8_t buffer[256] = {0};
+ wd_param_t wd_param;
+ uint32_t timeout;
+ target_param_t target_param;
+
+ while (1)
+ {
+ val_status_t fn_status = VAL_STATUS_SUCCESS;
+ signals = psa_wait_any(PSA_BLOCK);
+
+ /* Initialise target init variables */
+ if (signals & DRIVER_TARGET_INIT_SIG)
+ {
+ psa_get(DRIVER_TARGET_INIT_SIG, &msg);
+ switch (msg.type)
+ {
+ case PSA_IPC_CONNECT:
+ psa_reply(msg.handle, PSA_SUCCESS);
+ break;
+ case PSA_IPC_CALL:
+ psa_read(msg.handle, 0, &target_param, msg.in_size[0]);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ break;
+ case PSA_IPC_DISCONNECT:
+ psa_reply(msg.handle, PSA_SUCCESS);
+ break;
+ }
+ }
+
+ /* Service Print functionality */
+ if (signals & DRIVER_UART_SIG)
+ {
+ psa_get(DRIVER_UART_SIG, &msg);
+ switch (msg.type)
+ {
+ case PSA_IPC_CONNECT:
+ psa_reply(msg.handle, PSA_SUCCESS);
+ break;
+ case PSA_IPC_CALL:
+ psa_read(msg.handle, 0, &arg1, msg.in_size[0]);
+ if (arg1 == UART_INIT_SIGN)
+ {
+ /* arg1=base_addr, arg2=print_level */
+ psa_read(msg.handle, 1, &verbosity, msg.in_size[1]);
+ fn_status = val_uart_init_sf(target_param.uart_base_addr, verbosity);
+ }
+ else
+ {
+ /* arg1=verbosity, arg2=string, arg3=DATA */
+ verbosity = arg1;
+ psa_read(msg.handle, 1, &string, msg.in_size[1]);
+ psa_read(msg.handle, 2, &data, msg.in_size[2]);
+ fn_status = val_print_sf(verbosity, string, data);
+ }
+ if (VAL_ERROR(fn_status))
+ {
+ psa_reply(msg.handle, VAL_STATUS_ERROR);
+ }
+ else
+ {
+ psa_reply(msg.handle, PSA_SUCCESS);
+ }
+ break;
+ case PSA_IPC_DISCONNECT:
+ psa_reply(msg.handle, PSA_SUCCESS);
+ break;
+ }
+ }
+
+ /* Service Watchdog functionality */
+ if (signals & DRIVER_WATCHDOG_SIG)
+ {
+ psa_get(DRIVER_WATCHDOG_SIG, &msg);
+ switch (msg.type)
+ {
+ case PSA_IPC_CALL:
+ psa_read(msg.handle, 0, &wd_param, msg.in_size[0]);
+ if (wd_param.wd_fn_type == WD_INIT_SEQ)
+ {
+ if (wd_param.wd_timeout_type == WD_LOW_TIMEOUT)
+ {
+ timeout = target_param.wd_time_us_low;
+ }
+ else if (wd_param.wd_timeout_type == WD_MEDIUM_TIMEOUT)
+ {
+ timeout = target_param.wd_time_us_medium;
+ }
+ else
+ {
+ timeout = target_param.wd_time_us_high;
+ }
+ fn_status = val_wd_timer_init_sf(target_param.wd_base_addr, timeout,
+ target_param.wd_timer_tick_us);
+ }
+ else if (wd_param.wd_fn_type == WD_ENABLE_SEQ)
+ {
+ fn_status = val_wd_timer_enable_sf(target_param.wd_base_addr);
+ }
+ else if (wd_param.wd_fn_type == WD_DISABLE_SEQ)
+ {
+ fn_status = val_wd_timer_disable_sf(target_param.wd_base_addr);
+ }
+ else if (wd_param.wd_fn_type == WD_STATUS_SEQ)
+ {
+ fn_status = val_is_wd_timer_enabled_sf(target_param.wd_base_addr);
+ }
+ if (fn_status == VAL_STATUS_SUCCESS)
+ {
+ psa_reply(msg.handle, PSA_SUCCESS);
+ }
+ else
+ {
+ psa_reply(msg.handle, VAL_STATUS_ERROR);
+ }
+ break;
+ case PSA_IPC_CONNECT:
+ case PSA_IPC_DISCONNECT:
+ psa_reply(msg.handle, PSA_SUCCESS);
+ break;
+ }
+ }
+
+ /* Service NVMEM functionality */
+ if (signals & DRIVER_NVMEM_SIG)
+ {
+ psa_get(DRIVER_NVMEM_SIG, &msg);
+ switch (msg.type)
+ {
+ case PSA_IPC_CALL:
+ psa_read(msg.handle, 0, &nvmem_param, msg.in_size[0]);
+ if (nvmem_param.nvmem_fn_type == NVMEM_READ)
+ {
+ fn_status = val_nvmem_read_sf(target_param.nvmem_base_addr,
+ nvmem_param.offset, buffer, nvmem_param.size);
+ psa_write(msg.handle, 0, (const void*) buffer, msg.out_size[0]);
+ }
+ else
+ {
+ psa_read(msg.handle, 1, (void*) buffer, msg.in_size[1]);
+ fn_status = val_nvmem_write_sf(target_param.nvmem_base_addr,
+ nvmem_param.offset, buffer, nvmem_param.size);
+ }
+ if (fn_status == VAL_STATUS_SUCCESS)
+ {
+ psa_reply(msg.handle, PSA_SUCCESS);
+ }
+ else
+ {
+ psa_reply(msg.handle, VAL_STATUS_ERROR);
+ }
+ break;
+ case PSA_IPC_CONNECT:
+ case PSA_IPC_DISCONNECT:
+ psa_reply(msg.handle, PSA_SUCCESS);
+ break;
+ }
+ }
+
+ if (signals == 0)
+ {
+ val_print_sf(PRINT_ERROR,
+ "psa_wait_any returned zero for PSA_BLOCK. Entering into infinite loop\n", 0);
+ while (1);
+ }
+ }
+}
diff --git a/psa-ff/test_suites/partition/ipc/client_partition.c b/psa-ff/test_suites/partition/ipc/client_partition.c
new file mode 100644
index 0000000..11ca70e
--- /dev/null
+++ b/psa-ff/test_suites/partition/ipc/client_partition.c
@@ -0,0 +1,99 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "client_partition.h"
+val_api_t *val = &val_api;
+psa_api_t *psa = &psa_api;
+
+void client_main(void)
+{
+ uint32_t test_data = 0;
+ psa_signal_t signals = 0;
+ val_status_t status, test_status;
+ psa_msg_t msg = {0};
+
+ while (1)
+ {
+ status = VAL_STATUS_SUCCESS;
+ signals = psa_wait_any(PSA_BLOCK);
+
+ if (signals & CLIENT_TEST_DISPATCHER_SIG)
+ {
+ psa_get(CLIENT_TEST_DISPATCHER_SIG, &msg);
+ switch (msg.type)
+ {
+ case PSA_IPC_CONNECT:
+ if (test_data != 0)
+ {
+ val_print(PRINT_ERROR, "must clear previous dispatcher connection\n", 0);
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ }
+ else
+ {
+ psa_reply(msg.handle, PSA_SUCCESS);
+ }
+ break;
+ case PSA_IPC_CALL:
+ if (psa_read(msg.handle, 0, &test_data, msg.in_size[0]) != sizeof(test_data))
+ {
+ val_print(PRINT_ERROR, "could not read dispatcher payload\n", 0);
+ status = VAL_STATUS_READ_FAILED;
+ }
+ if (VAL_ERROR(status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ break;
+ }
+
+ if (GET_ACTION_NUM(test_data) == TEST_EXECUTE_FUNC)
+ {
+ psa_reply(msg.handle, PSA_SUCCESS);
+
+ val_print(PRINT_INFO, "In client part, test-id %d\n",
+ GET_TEST_NUM(test_data));
+ /* Execute client test func from secure*/
+ test_status = val_execute_secure_tests(GET_TEST_NUM(test_data),
+ client_ipc_test_list[GET_TEST_NUM(test_data)]);
+ }
+ else if (GET_ACTION_NUM(test_data) == TEST_RETURN_RESULT)
+ {
+ psa_write(msg.handle, 0, &test_status, sizeof(test_status));
+ psa_reply(msg.handle, PSA_SUCCESS);
+ }
+ else
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ }
+ break;
+ case PSA_IPC_DISCONNECT:
+ test_data=0;
+ status=0;
+ test_status=0;
+ psa_reply(msg.handle, PSA_SUCCESS);
+ break;
+ default:
+ val_print(PRINT_ERROR, "Unexpected message type %d!", (int)(msg.type));
+ while (1);
+ }
+ }
+ else
+ {
+ val_print(PRINT_ERROR, "In client_partition, Control shouldn't have reach here\n", 0);
+ while (1);
+ }
+ }
+}
diff --git a/psa-ff/test_suites/partition/ipc/client_partition.h b/psa-ff/test_suites/partition/ipc/client_partition.h
new file mode 100644
index 0000000..0d77245
--- /dev/null
+++ b/psa-ff/test_suites/partition/ipc/client_partition.h
@@ -0,0 +1,124 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _CLIENT_PART_H_
+#define _CLIENT_PART_H_
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+typedef client_test_t (*client_test_list_t);
+
+__WEAK extern client_test_t test_i001_client_tests_list[];
+__WEAK extern client_test_t test_i002_client_tests_list[];
+__WEAK extern client_test_t test_i003_client_tests_list[];
+__WEAK extern client_test_t test_i004_client_tests_list[];
+__WEAK extern client_test_t test_i005_client_tests_list[];
+__WEAK extern client_test_t test_i006_client_tests_list[];
+__WEAK extern client_test_t test_i007_client_tests_list[];
+__WEAK extern client_test_t test_i008_client_tests_list[];
+__WEAK extern client_test_t test_i009_client_tests_list[];
+__WEAK extern client_test_t test_i010_client_tests_list[];
+__WEAK extern client_test_t test_i011_client_tests_list[];
+__WEAK extern client_test_t test_i012_client_tests_list[];
+__WEAK extern client_test_t test_i013_client_tests_list[];
+__WEAK extern client_test_t test_i014_client_tests_list[];
+__WEAK extern client_test_t test_i015_client_tests_list[];
+__WEAK extern client_test_t test_i016_client_tests_list[];
+__WEAK extern client_test_t test_i017_client_tests_list[];
+__WEAK extern client_test_t test_i018_client_tests_list[];
+__WEAK extern client_test_t test_i019_client_tests_list[];
+__WEAK extern client_test_t test_i020_client_tests_list[];
+__WEAK extern client_test_t test_i021_client_tests_list[];
+__WEAK extern client_test_t test_i022_client_tests_list[];
+__WEAK extern client_test_t test_i023_client_tests_list[];
+__WEAK extern client_test_t test_i024_client_tests_list[];
+__WEAK extern client_test_t test_i025_client_tests_list[];
+__WEAK extern client_test_t test_i026_client_tests_list[];
+__WEAK extern client_test_t test_i027_client_tests_list[];
+__WEAK extern client_test_t test_i028_client_tests_list[];
+__WEAK extern client_test_t test_i029_client_tests_list[];
+__WEAK extern client_test_t test_i030_client_tests_list[];
+__WEAK extern client_test_t test_i031_client_tests_list[];
+__WEAK extern client_test_t test_i032_client_tests_list[];
+__WEAK extern client_test_t test_i033_client_tests_list[];
+__WEAK extern client_test_t test_i034_client_tests_list[];
+__WEAK extern client_test_t test_i035_client_tests_list[];
+__WEAK extern client_test_t test_i036_client_tests_list[];
+__WEAK extern client_test_t test_i037_client_tests_list[];
+__WEAK extern client_test_t test_i038_client_tests_list[];
+__WEAK extern client_test_t test_i039_client_tests_list[];
+__WEAK extern client_test_t test_i040_client_tests_list[];
+__WEAK extern client_test_t test_i041_client_tests_list[];
+__WEAK extern client_test_t test_i042_client_tests_list[];
+__WEAK extern client_test_t test_i043_client_tests_list[];
+__WEAK extern client_test_t test_i044_client_tests_list[];
+__WEAK extern client_test_t test_i045_client_tests_list[];
+__WEAK extern client_test_t test_i046_client_tests_list[];
+
+
+client_test_list_t client_ipc_test_list[] = {
+ NULL,
+ test_i001_client_tests_list,
+ test_i002_client_tests_list,
+ test_i003_client_tests_list,
+ test_i004_client_tests_list,
+ test_i005_client_tests_list,
+ test_i006_client_tests_list,
+ test_i007_client_tests_list,
+ test_i008_client_tests_list,
+ test_i009_client_tests_list,
+ test_i010_client_tests_list,
+ test_i011_client_tests_list,
+ test_i012_client_tests_list,
+ test_i013_client_tests_list,
+ test_i014_client_tests_list,
+ test_i015_client_tests_list,
+ test_i016_client_tests_list,
+ test_i017_client_tests_list,
+ test_i018_client_tests_list,
+ test_i019_client_tests_list,
+ test_i020_client_tests_list,
+ test_i021_client_tests_list,
+ test_i022_client_tests_list,
+ test_i023_client_tests_list,
+ test_i024_client_tests_list,
+ test_i025_client_tests_list,
+ test_i026_client_tests_list,
+ test_i027_client_tests_list,
+ test_i028_client_tests_list,
+ test_i029_client_tests_list,
+ test_i030_client_tests_list,
+ test_i031_client_tests_list,
+ test_i032_client_tests_list,
+ test_i033_client_tests_list,
+ test_i034_client_tests_list,
+ test_i035_client_tests_list,
+ test_i036_client_tests_list,
+ test_i037_client_tests_list,
+ test_i038_client_tests_list,
+ test_i039_client_tests_list,
+ test_i040_client_tests_list,
+ test_i041_client_tests_list,
+ test_i042_client_tests_list,
+ test_i043_client_tests_list,
+ test_i044_client_tests_list,
+ test_i045_client_tests_list,
+ test_i046_client_tests_list,
+ NULL,
+};
+
+#endif
diff --git a/psa-ff/test_suites/partition/ipc/server_partition.c b/psa-ff/test_suites/partition/ipc/server_partition.c
new file mode 100644
index 0000000..5e57fbe
--- /dev/null
+++ b/psa-ff/test_suites/partition/ipc/server_partition.c
@@ -0,0 +1,102 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "server_partition.h"
+
+void server_main(void)
+{
+ uint32_t test_data = 0;
+ int32_t test_status;
+ psa_signal_t signals = 0;
+ val_status_t status;
+ psa_msg_t msg = {0};
+ server_test_t *test_list;
+
+ while (1)
+ {
+ status = VAL_STATUS_SUCCESS;
+ signals = psa_wait_any(PSA_BLOCK);
+
+ if (signals & SERVER_TEST_DISPATCHER_SIG)
+ {
+ psa_get(SERVER_TEST_DISPATCHER_SIG, &msg);
+ switch (msg.type)
+ {
+ case PSA_IPC_CONNECT:
+ if (test_data != 0)
+ {
+ val_print(PRINT_ERROR, "must clear previous dispatcher connection\n", 0);
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ }
+ else
+ {
+ psa_reply(msg.handle, PSA_SUCCESS);
+ }
+ break;
+ case PSA_IPC_CALL:
+ if (psa_read(msg.handle, 0, &test_data, msg.in_size[0]) != sizeof(test_data))
+ {
+ val_print(PRINT_ERROR, "could not read dispatcher payload\n", 0);
+ status = VAL_STATUS_READ_FAILED;
+ }
+ if (VAL_ERROR(status))
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ break;
+ }
+
+ if (GET_ACTION_NUM(test_data) == TEST_EXECUTE_FUNC)
+ {
+ psa_reply(msg.handle, PSA_SUCCESS);
+ val_print(PRINT_INFO,"\tSERVER TEST FUNC START %d\n",
+ GET_BLOCK_NUM(test_data));
+
+ /* Get server test list of given test */
+ test_list = server_ipc_test_list[GET_TEST_NUM(test_data)];
+
+ /* Execute server test func */
+ test_status = test_list[GET_BLOCK_NUM(test_data)]();
+ }
+ else if (GET_ACTION_NUM(test_data) == TEST_RETURN_RESULT)
+ {
+ val_print(PRINT_INFO,"\tSERVER TEST FUNC END\n", 0);
+ psa_write(msg.handle, 0, &test_status, msg.out_size[0]);
+ psa_reply(msg.handle, PSA_SUCCESS);
+ }
+ else
+ {
+ psa_reply(msg.handle, PSA_CONNECTION_REFUSED);
+ }
+ break;
+ case PSA_IPC_DISCONNECT:
+ test_data=0;
+ status=0;
+ test_status=0;
+ psa_reply(msg.handle, PSA_SUCCESS);
+ break;
+ default:
+ val_print(PRINT_ERROR, "Unexpected message type %d!", (int)(msg.type));
+ while (1);
+ }
+ }
+ else
+ {
+ val_print(PRINT_ERROR, "In server_partition, Control shouldn't have reach here\n", 0);
+ while (1);
+ }
+ }
+}
diff --git a/psa-ff/test_suites/partition/ipc/server_partition.h b/psa-ff/test_suites/partition/ipc/server_partition.h
new file mode 100644
index 0000000..c5bb556
--- /dev/null
+++ b/psa-ff/test_suites/partition/ipc/server_partition.h
@@ -0,0 +1,122 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _SERVER_PART_H_
+#define _SERVER_PART_H_
+
+#include "val/common/val_client_defs.h"
+#include "val/spe/val_partition_common.h"
+
+typedef server_test_t (*server_test_list_t);
+
+__WEAK extern server_test_t test_i001_server_tests_list[];
+__WEAK extern server_test_t test_i002_server_tests_list[];
+__WEAK extern server_test_t test_i003_server_tests_list[];
+__WEAK extern server_test_t test_i004_server_tests_list[];
+__WEAK extern server_test_t test_i005_server_tests_list[];
+__WEAK extern server_test_t test_i006_server_tests_list[];
+__WEAK extern server_test_t test_i007_server_tests_list[];
+__WEAK extern server_test_t test_i008_server_tests_list[];
+__WEAK extern server_test_t test_i009_server_tests_list[];
+__WEAK extern server_test_t test_i010_server_tests_list[];
+__WEAK extern server_test_t test_i011_server_tests_list[];
+__WEAK extern server_test_t test_i012_server_tests_list[];
+__WEAK extern server_test_t test_i013_server_tests_list[];
+__WEAK extern server_test_t test_i014_server_tests_list[];
+__WEAK extern server_test_t test_i015_server_tests_list[];
+__WEAK extern server_test_t test_i016_server_tests_list[];
+__WEAK extern server_test_t test_i017_server_tests_list[];
+__WEAK extern server_test_t test_i018_server_tests_list[];
+__WEAK extern server_test_t test_i019_server_tests_list[];
+__WEAK extern server_test_t test_i020_server_tests_list[];
+__WEAK extern server_test_t test_i021_server_tests_list[];
+__WEAK extern server_test_t test_i022_server_tests_list[];
+__WEAK extern server_test_t test_i023_server_tests_list[];
+__WEAK extern server_test_t test_i024_server_tests_list[];
+__WEAK extern server_test_t test_i025_server_tests_list[];
+__WEAK extern server_test_t test_i026_server_tests_list[];
+__WEAK extern server_test_t test_i027_server_tests_list[];
+__WEAK extern server_test_t test_i028_server_tests_list[];
+__WEAK extern server_test_t test_i029_server_tests_list[];
+__WEAK extern server_test_t test_i030_server_tests_list[];
+__WEAK extern server_test_t test_i031_server_tests_list[];
+__WEAK extern server_test_t test_i032_server_tests_list[];
+__WEAK extern server_test_t test_i033_server_tests_list[];
+__WEAK extern server_test_t test_i034_server_tests_list[];
+__WEAK extern server_test_t test_i035_server_tests_list[];
+__WEAK extern server_test_t test_i036_server_tests_list[];
+__WEAK extern server_test_t test_i037_server_tests_list[];
+__WEAK extern server_test_t test_i038_server_tests_list[];
+__WEAK extern server_test_t test_i039_server_tests_list[];
+__WEAK extern server_test_t test_i040_server_tests_list[];
+__WEAK extern server_test_t test_i041_server_tests_list[];
+__WEAK extern server_test_t test_i042_server_tests_list[];
+__WEAK extern server_test_t test_i043_server_tests_list[];
+__WEAK extern server_test_t test_i044_server_tests_list[];
+__WEAK extern server_test_t test_i045_server_tests_list[];
+__WEAK extern server_test_t test_i046_server_tests_list[];
+
+server_test_list_t server_ipc_test_list[] = {
+ NULL,
+ test_i001_server_tests_list,
+ test_i002_server_tests_list,
+ test_i003_server_tests_list,
+ test_i004_server_tests_list,
+ test_i005_server_tests_list,
+ test_i006_server_tests_list,
+ test_i007_server_tests_list,
+ test_i008_server_tests_list,
+ test_i009_server_tests_list,
+ test_i010_server_tests_list,
+ test_i011_server_tests_list,
+ test_i012_server_tests_list,
+ test_i013_server_tests_list,
+ test_i014_server_tests_list,
+ test_i015_server_tests_list,
+ test_i016_server_tests_list,
+ test_i017_server_tests_list,
+ test_i018_server_tests_list,
+ test_i019_server_tests_list,
+ test_i020_server_tests_list,
+ test_i021_server_tests_list,
+ test_i022_server_tests_list,
+ test_i023_server_tests_list,
+ test_i024_server_tests_list,
+ test_i025_server_tests_list,
+ test_i026_server_tests_list,
+ test_i027_server_tests_list,
+ test_i028_server_tests_list,
+ test_i029_server_tests_list,
+ test_i030_server_tests_list,
+ test_i031_server_tests_list,
+ test_i032_server_tests_list,
+ test_i033_server_tests_list,
+ test_i034_server_tests_list,
+ test_i035_server_tests_list,
+ test_i036_server_tests_list,
+ test_i037_server_tests_list,
+ test_i038_server_tests_list,
+ test_i039_server_tests_list,
+ test_i040_server_tests_list,
+ test_i041_server_tests_list,
+ test_i042_server_tests_list,
+ test_i043_server_tests_list,
+ test_i044_server_tests_list,
+ test_i045_server_tests_list,
+ test_i046_server_tests_list,
+ NULL,
+};
+#endif
diff --git a/psa-ff/tools/makefiles/Makefile b/psa-ff/tools/makefiles/Makefile
new file mode 100644
index 0000000..f264d76
--- /dev/null
+++ b/psa-ff/tools/makefiles/Makefile
@@ -0,0 +1,65 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+export SUITE_IN= $(SOURCE)/test_suites/$(SUITE)
+export SUITE_OUT= $(BUILD)/$(SUITE)
+
+include $(SOURCE)/tools/makefiles/toolchain.mk
+
+
+all: clean target_cfg gen_linker build simulate
+
+#Generate target files from User provided data base
+target_cfg:
+ mkdir -p $(BUILD)/platform/${TARGET}/
+ @if [ ! -f "$(SOURCE)/platform/targets/$(TARGET)/target.cfg" ]; then { echo "Error: Target Not Found!!!"; exit 1; } fi
+ perl $(SOURCE)/tools/scripts/targetConfigGen.pl $(SOURCE) $(BUILD) ${TARGET}
+
+#Read target.cfg and update the addresses in linker script
+gen_linker:
+ mkdir -p $(SUITE_OUT)/;
+ perl $(SOURCE)/tools/scripts/process_test_linker_file.pl $(SOURCE) $(SUITE_OUT) ${TARGET} $(TOOLCHAIN)
+
+
+#Build framework archives and test_combine.elf
+build: pal_nspe.a val_nspe.a test_combine.elf
+
+pal_nspe.a:
+ @echo "----------pal build start-------------"
+ make -f $(SOURCE)/platform/nspe/Makefile
+ @echo "----------pal build complete-------------"
+
+val_nspe.a:
+ @echo "----------val build start-------------"
+ make -f $(SOURCE)/tools/makefiles/valbuild.mk
+ @echo "----------val build complete-------------"
+
+test_combine.elf: test.elf
+ perl $(SOURCE)/tools/scripts/test_elf_combine.pl $(SUITE) $(SUITE_OUT)/.testlist.txt
+ hexdump -v -e ' 1/4 "%08X" "\n"' $(SUITE_OUT)/test_elf_combine.bin > $(SUITE_OUT)/test_elf_combine.hex
+
+test.elf:
+ @echo "----------test build start-------------"
+ @mkdir -p $(SUITE_OUT)/
+ @$(eval TEST_LIST := $(shell grep "^test" $(SUITE_IN)/testsuite.db > $(SUITE_OUT)/.testlist.txt ; cat $(SUITE_OUT)/.testlist.txt))
+ @$(foreach TEST,$(TEST_LIST), make -f $(SOURCE)/tools/makefiles/testbuild.mk TEST=$(TEST) ;)
+ @echo "----------test build complete-------------"
+
+simulate:
+
+clean:
+ @echo ">>>> Cleaning the build directory..."
+ rm -rf $(BUILD)/*
diff --git a/psa-ff/tools/makefiles/test.linker b/psa-ff/tools/makefiles/test.linker
new file mode 100644
index 0000000..75a9257
--- /dev/null
+++ b/psa-ff/tools/makefiles/test.linker
@@ -0,0 +1,55 @@
+/* Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+ENTRY(acs_test_info)
+
+TEST_START = 0x2004F000;
+
+MEMORY
+{
+ TEST_INFO (R) : ORIGIN = TEST_START, LENGTH = 0x100
+ TEST_TEXT (RX) : ORIGIN = TEST_START +0x100, LENGTH = 0xC00
+ TEST_DATA (RW) : ORIGIN = TEST_START +0xD00, LENGTH = 0x1100
+}
+
+SECTIONS
+{
+ .acs_test_info :
+ {
+ KEEP(*(.acs_test_info))
+ } > TEST_INFO
+
+ .text :
+ {
+ *(.text)
+ *(.text*)
+ *(.rodata)
+ *(.rodata*)
+ } > TEST_TEXT
+
+ .data :
+ {
+ *(.data)
+ *(.data*)
+ } > TEST_DATA
+
+ .bss :
+ {
+ *(.bss)
+ *(.bss.*)
+ *(COMMON)
+ } > TEST_DATA
+}
diff --git a/psa-ff/tools/makefiles/testbuild.mk b/psa-ff/tools/makefiles/testbuild.mk
new file mode 100644
index 0000000..801f67c
--- /dev/null
+++ b/psa-ff/tools/makefiles/testbuild.mk
@@ -0,0 +1,51 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+include $(SOURCE)/tools/makefiles/toolchain.mk
+include $(SUITE_IN)/$(TEST)/source.mk
+
+
+INCLUDE= -I$(SOURCE)/val/common/ \
+ -I$(SOURCE)/val/nspe/ \
+ -I$(SOURCE)/platform/nspe/ \
+ -I$(SUITE_IN)/$(TEST)/\
+ -I$(SUITE_IN)/include/
+
+VPATH=$(SOURCE)/val/common/:\
+ $(SOURCE)/val/nspe/:\
+ $(SUITE_IN)/$(TEST)/:\
+ $(SUITE_IN)/include/
+
+
+
+all: mkdir compile_c compile_asm test.elf
+
+mkdir:
+ mkdir -p $(SUITE_OUT)/$(TEST)/
+
+compile_c: $(CC_SOURCE:%.c=$(SUITE_OUT)/$(TEST)/%.o)
+compile_asm: $(AS_SOURCE:%.s=$(SUITE_OUT)/$(TEST)/%.o)
+
+$(SUITE_OUT)/$(TEST)/%.o : %.c
+ $(CC) -D NONSECURE_TEST_BUILD -o $@ -c $<
+
+$(SUITE_OUT)/$(TEST)/%.o : %.s
+ $(AS) -o $@ $<
+
+test.elf:
+ $(LD) -Xlinker -Map=$(SUITE_OUT)/$(TEST)/test.map -o $(SUITE_OUT)/$(TEST)/test.elf -T$(SUITE_OUT)/.test.linker $(SUITE_OUT)/$(TEST)/*.o
+ $(DS) $(SUITE_OUT)/$(TEST)/test.elf > $(SUITE_OUT)/$(TEST)/test.disass
+
diff --git a/psa-ff/tools/makefiles/toolchain.mk b/psa-ff/tools/makefiles/toolchain.mk
new file mode 100644
index 0000000..bc29c67
--- /dev/null
+++ b/psa-ff/tools/makefiles/toolchain.mk
@@ -0,0 +1,66 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+TOOLCHAIN=GCC_ARM
+PREFIX=
+
+ifneq (,$(findstring $(TOOLCHAIN),GNUARM-GCC))
+ifeq (${TOOLCHAIN}, GNUARM)
+PREFIX=arm-none-eabi-
+endif
+
+ifeq (${CPU_ARCH}, armv7m)
+TARGET_SWITCH= -march=armv7-m
+else
+ifeq (${CPU_ARCH}, armv8m_ml)
+TARGET_SWITCH= -march=armv8-m.main -mcmse
+else
+TARGET_SWITCH= -march=armv8-m.base -mcmse
+endif
+endif
+
+COMPILER= $(PREFIX)gcc
+ASSEMBLER= $(PREFIX)as
+AR= $(PREFIX)ar
+LINKER= $(PREFIX)gcc
+OBJDUMP=$(PREFIX)objdump
+
+COMPILER_OPTIONS= $(TARGET_SWITCH) -Wall -Werror -fdata-sections -ffunction-sections -mno-unaligned-access -DVAL_NSPE_BUILD
+
+ifeq (${SUITE}, crypto)
+COMPILER_OPTIONS += -DCRYPTO_SUITE
+endif
+
+ASSEMBLER_OPTIONS= $(TARGET_SWITCH) -mthumb
+AR_OPTIONS= -rc
+LINKER_OPTIONS= $(TARGET_SWITCH) -mthumb -Wall -Werror -O0 -fdata-sections \
+ -ffunction-sections -Xlinker --fatal-warnings -Xlinker --gc-sections \
+ -z max-page-size=0x400 -lgcc -lc -lnosys
+OBJDUMP_OPTIONS= -d
+endif #GNUARM-GCC
+
+ifeq (${TOOLCHAIN}, ARMCLANG)
+#TBD
+endif
+
+ifeq (${PSA_API_ELEMENTS_AVAILABLE}, 1)
+COMPILER_OPTIONS += -DPSA_API_ELEMENTS_AVAILABLE
+endif
+
+CC= $(COMPILER) $(COMPILER_OPTIONS) $(CC_OPTIONS) $(USER_INCLUDE) $(INCLUDE)
+AS= $(ASSEMBLER) $(ASSEMBLER_OPTIONS) $(AS_OPTIONS)
+LD= $(LINKER) $(LINKER_OPTIONS)
+DS= $(OBJDUMP) $(OBJDUMP_OPTIONS)
diff --git a/psa-ff/tools/makefiles/valbuild.mk b/psa-ff/tools/makefiles/valbuild.mk
new file mode 100644
index 0000000..3290533
--- /dev/null
+++ b/psa-ff/tools/makefiles/valbuild.mk
@@ -0,0 +1,48 @@
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+include $(SOURCE)/tools/makefiles/toolchain.mk
+
+INCLUDE= -I$(SOURCE)/val/common/ \
+ -I$(SOURCE)/val/nspe/ \
+ -I$(SOURCE)/val/spe/ \
+ -I$(SOURCE)/platform/nspe/ \
+
+VPATH=$(SOURCE)/val/common/:\
+ $(SOURCE)/val/nspe/:\
+ $(SOURCE)/val/spe/
+
+SRC_COMMON=
+SRC_NS= val_entry.c val_dispatcher.c val_framework.c val_crypto.c val_interfaces.c val_peripherals.c val_target.c
+
+all: build
+
+build: mkdir build_common build_ns val_nspe.a
+
+mkdir:
+ @mkdir -p $(BUILD)/val/
+
+build_common: $(SRC_COMMON:%.c=$(BUILD)/val/%.o)
+build_ns: $(SRC_NS:%.c=$(BUILD)/val/%.o)
+
+$(BUILD)/val/%.o : %.c
+ $(CC) $(INCLUDE) -DVERBOSE=$(VERBOSE) -o $@ -c $<
+
+val_nspe.a:
+ $(AR) $(AR_OPTIONS) $(BUILD)/val/val_nspe.a $(BUILD)/val/*.o
+
+clean:
+ @rm -rf $(BUILD)/val/*.o $(BUILD)/val/*.a
diff --git a/psa-ff/tools/scripts/process_test_linker_file.pl b/psa-ff/tools/scripts/process_test_linker_file.pl
new file mode 100755
index 0000000..c56b89c
--- /dev/null
+++ b/psa-ff/tools/scripts/process_test_linker_file.pl
@@ -0,0 +1,65 @@
+#!/usr/bin/env perl
+#/** @file
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+print "\n>>>> Updating linker file... \n";
+
+#inputs
+$source=$ARGV[0];
+$suite_out=$ARGV[1];
+$target=$ARGV[2];
+$toolchain=$ARGV[3];
+
+$targetConfigPath = "$source/platform/targets/$target/target.cfg";
+$linker_in = "";
+$linker_out = "";
+$ns_test_start_addr = undef;
+
+if($toolchain eq "GNUARM")
+{
+ $linker_in = "$source/tools/makefiles/test.linker";
+ $linker_out = "$suite_out/.test.linker";
+}
+
+open(IN, $targetConfigPath) or die "Unable to open $targetConfigPath $!";
+while(<IN>) {
+ if($_ !~ /^\//) {# exclude commented lines
+ if($_ =~ /\.ns_test_addr(\s*)\=(\s*)(.+)(\s*)\;/) {
+ $ns_test_start_addr = $3;
+ }
+ }
+}
+close IN;
+if(defined($ns_test_start_addr))
+{
+ open(IN, $linker_in) or die "Unable to open $linker_in $!";
+ open(OUT, '>', $linker_out) or die "Unable to open: $!";
+ while(<IN>) {
+ if($_ =~ /^TEST_START/){
+ print OUT "TEST_START = $ns_test_start_addr;\n";
+ }else{
+ print OUT "$_";
+ }
+ }
+ close IN;
+ close OUT;
+ print "linker file - $linker_out\n"
+}
+else
+{
+ die ("Error: ns_test_addr is not found in target.cfg file\n");
+}
diff --git a/psa-ff/tools/scripts/setup.sh b/psa-ff/tools/scripts/setup.sh
new file mode 100755
index 0000000..67b3b56
--- /dev/null
+++ b/psa-ff/tools/scripts/setup.sh
@@ -0,0 +1,242 @@
+#!/usr/bin/env bash
+
+#/** @file
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+echo ""
+
+declare -a INCLUDE_PATHS
+export CLIENT_FILE_FOUND=0
+export SERVICE_FILE_FOUND=0
+HELP="
+
+Usage: setup.sh [--source SOURCE_DIR] [--build BUILD_DIR] [--target TARGET] [--suite SUITE]
+ [--toolchain TOOLCHAIN] [--cpu_arch CPU_ARCH] [--clean] [--verbose PRINT_LEVEL]
+ [--include INCLUDE_PATH] [--help|-h]
+
+Arguments Info:
+ --source <SOURCE_DIR> : SOURCE_DIR pointing to compliance test directory structure.
+ Default is current directory
+ --build <BUILD_DIR> : To select the build (output) directory. Default: BUILD/ inside current directory
+ --target <TARGET> : Provide target string as argument.
+ target.cfg file corresponding to input string must be avaiable at
+ platform/targets/<TARGET>/
+ --suite <SUITE> : Compile tests for given suite. Support values are ipc and crypto.
+ Default is ipc suite.
+ --toolchain <TOOLCHAIN> : Build using the given TOOLCHAIN. Supported value is GNUARM (GNU Arm Embedded).
+ Future release will be extended to support ARMCLANG (ARM Compiler 6.x).
+ --cpu_arch <CPU_ARCH> : Provide cpu arch string as argument.
+ Supported CPU arch are armv8m_ml, armv8m_bl and armv7m.
+ --clean : Clean the build directory
+ --verbose <PRINT_LEVEL> : Print verbosity level
+ Supported print levels are:
+ 1 - INFO & above.
+ 2 - DEBUG & above.
+ 3 - TEST & above.(Default)
+ 4 - WARN & ERROR.
+ 5 - ERROR.
+ --include <INCLUDE_PATH>: Additional directory to be included into compiler search path.
+ Note - You must provide PSA defined API element header files psa_client.h and psa_service.h
+ to compile IPC compliance tests. Provide --include <path> where path
+ pointing to location of PSA defined header files.
+ You can specify multiple source locations using --include option.
+ Ex: --include <path1> --include <path2>
+ --help|-h : Print this help message
+
+"
+
+if [ "$#" == "0" ]; then
+ echo "Error: no argument to setup.sh"
+ echo "$HELP"
+ exit 1
+fi
+
+while [ $# -gt 0 ]; do
+ case $1 in
+ --source ) shift
+ export SOURCE=$1
+ ;;
+ --build ) shift
+ export BUILD="$1/BUILD"
+ ;;
+ --target ) shift
+ export TARGET=$1
+ ;;
+ --suite ) shift
+ export SUITE=$1
+ ;;
+ --toolchain ) shift
+ export TOOLCHAIN=$1
+ ;;
+ --cpu_arch ) shift
+ export CPU_ARCH=$1
+ ;;
+ --clean )
+ export CLEAN=1
+ ;;
+ --verbose ) shift
+ export VERBOSE=$1
+ ;;
+ --include ) shift
+ export INCLUDE=" -I $1/ $INCLUDE "
+ INCLUDE_PATHS=("${INCLUDE_PATHS[@]}" $1)
+ ;;
+ --help | -h | * )
+ echo "$HELP"
+ exit 1
+ ;;
+ * )
+ echo "Error: Invaid argument"
+ echo "$HELP"
+ exit 1
+ esac
+ shift
+done
+
+echo ">>>> Processing inputs..."
+if [ -z "$SOURCE" ]
+then
+ export SOURCE=./
+ echo "--source option is not provided, hence setting \$SOURCE to present dir"
+else
+ echo "setting \$SOURCE to $SOURCE"
+fi
+
+if [ ! -d "$SOURCE/test_suites" ]
+then
+ echo "Error: Could not find compliance tests directories in current path $SOURCE"
+ exit 1
+fi
+
+if [ -z "$BUILD" ]
+then
+ export BUILD="./BUILD"
+ echo "--build option is not provided, hence setting \$BUILD to ./BUILD"
+else
+ echo "setting \$BUILD to $BUILD"
+fi
+
+if [ -z "$TARGET" ]
+then
+ echo "Provide target string as argument using --target <string>"
+ exit 1
+else
+ echo "Using \$TARGET=$TARGET"
+fi
+
+if [ -z "$SUITE" ]
+then
+ export SUITE=ipc
+ echo "--suite option is not provided, hence using default value \$SUITE=$SUITE"
+else
+ echo "Using \$SUITE=$SUITE"
+fi
+
+if [ $SUITE == "ipc" ]
+then
+ if [ -z "$INCLUDE" ]
+ then
+ echo "Error: --include option is not provided.
+ You must provide PSA defined API element header files psa_client.h and psa_service.h
+ to compile IPC compliance tests. Provide --include <path> where path pointing to
+ location of PSA defined header files.
+ You can specify multiple source locations using --include option.
+ Ex: --include <path1> --include <path2> "
+ exit 1
+ else
+ for path in "${INCLUDE_PATHS[@]}"
+ do
+ if [ -f "$path/psa_client.h" ]
+ then
+ export CLIENT_FILE_FOUND=1
+ fi
+ if [ -f "$path/psa_service.h" ]
+ then
+ export SERVICE_FILE_FOUND=1
+ fi
+ done
+ if [ $CLIENT_FILE_FOUND == "0" ]
+ then
+ echo "Couldn't find psa_client.h file in paths: ${INCLUDE_PATHS[@]}"
+ exit 1
+ fi
+ if [ $SERVICE_FILE_FOUND == "0" ]
+ then
+ echo "Couldn't find psa_service.h file in paths: ${INCLUDE_PATHS[@]}"
+ exit 1
+ fi
+ export PSA_API_ELEMENTS_AVAILABLE=1
+ fi
+fi
+
+if [ -z "$TOOLCHAIN" ]
+then
+ export TOOLCHAIN=GNUARM
+ echo "--toolchain option is not provided, hence using default value \$TOOLCHAIN=$TOOLCHAIN"
+else
+ echo "Using \$TOOLCHAIN=$TOOLCHAIN"
+fi
+
+if [ $TOOLCHAIN != "GNUARM" ]
+#if [ $TOOLCHAIN != "GNUARM" ] && [ $TOOLCHAIN != "ARMCLANG" ]
+then
+ echo "Error: Unsupported value for --toolchain=$TOOLCHAIN. Supported toolchain is GNUARM"
+ #echo "Error: Unsupported value for --toolchain=$TOOLCHAIN. Supported toolchain are GNUARM and ARMCLANG"
+ exit 1
+fi
+
+if [ -z "$CPU_ARCH" ]
+then
+ echo "Error: Provide cpu arch string as argument using --cpu_arch <string>"
+ echo "Supported CPU arch are armv8m_ml, armv8m_bl, armv7m"
+ exit 1
+else
+ echo "Using \$CPU_ARCH=$CPU_ARCH"
+fi
+
+if [ $CPU_ARCH != "armv8m_ml" ] && [ $CPU_ARCH != "armv8m_bl" ] && [ $CPU_ARCH != "armv7m" ]
+then
+ echo "Error: Unsupported value for --cpu_arch=$CPU_ARCH. Supported CPU arch are armv8m_ml, armv8m_bl, armv7m"
+ exit 1
+fi
+
+if [ ! -z "$VERBOSE" ]
+then
+ if [ $VERBOSE != "1" ] && [ $VERBOSE != "2" ] && [ $VERBOSE != "3" ] && [ $VERBOSE != "4" ] && [ $VERBOSE != "5" ]
+ then
+ echo "Error: Unsupported value for --verbose=$VERBOSE."
+ echo "Supported print levels are:"
+ echo "1 - INFO & above."
+ echo "2 - DEBUG & above."
+ echo "3 - TEST & above."
+ echo "4 - WARN & ERROR."
+ echo "5 - ERROR."
+ exit 1
+ fi
+else
+ export VERBOSE=3
+fi
+
+
+if [ -z "$CLEAN" ]
+then
+ #Build VAL/PAL static library and Tests ELFs
+ echo "make -f $SOURCE/tools/makefiles/Makefile SOURCE=$SOURCE BUILD=$BUILD TARGET=$TARGET SUITE=$SUITE TOOLCHAIN=$TOOLCHAIN CPU_ARCH=$CPU_ARCH VERBOSE=$VERBOSE PSA_HEADER_INC=\"$INCLUDE\" all"
+ make -f $SOURCE/tools/makefiles/Makefile SOURCE=$SOURCE BUILD=$BUILD TARGET=$TARGET SUITE=$SUITE TOOLCHAIN=$TOOLCHAIN CPU_ARCH=$CPU_ARCH VERBOSE=$VERBOSE USER_INCLUDE="$INCLUDE" PSA_API_ELEMENTS_AVAILABLE=$PSA_API_ELEMENTS_AVAILABLE all
+else
+ make -f $SOURCE/tools/makefiles/Makefile SOURCE=$SOURCE BUILD=$BUILD TARGET=$TARGET SUITE=$SUITE TOOLCHAIN=$TOOLCHAIN CPU_ARCH=$CPU_ARCH VERBOSE=$VERBOSE USER_INCLUDE="$INCLUDE" PSA_API_ELEMENTS_AVAILABLE=$PSA_API_ELEMENTS_AVAILABLE clean
+fi
diff --git a/psa-ff/tools/scripts/targetConfigGen.pl b/psa-ff/tools/scripts/targetConfigGen.pl
new file mode 100755
index 0000000..8ce8ede
--- /dev/null
+++ b/psa-ff/tools/scripts/targetConfigGen.pl
@@ -0,0 +1,235 @@
+#!/usr/bin/env perl
+#/** @file
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+#---------------------------------------------------------------------
+# USAGE:
+# 1) perl <this_script> <targetConfig_file>
+# 2) gcc <generated_C_file> -o <executable_file>
+# 3) ./<executable_file>
+# 4) Resulting output file is target.hex
+#---------------------------------------------------------------------
+# THIS SCRIPT :
+# 1) Reads the targetConfig.cfg file written in pre-defined format.
+# 2) * Generates a C file based on targetConfig, complete with all
+# variable declarations and C syntax formatting.
+# * It will #include val_target.h header file which contains
+# template info about each device described in targetConfig.
+# * This header file is also used by test code to unpack the
+# resulting hex file.
+# 3) The autogenerated C file will then be compiled and the resulting
+# executable run to generate target.hex file: which is the packed
+# output of the targetConfig.cfg parameters.
+#---------------------------------------------------------------------
+# NOTE: Only C-style single line commenting is permitted inside targetConfig.cfg
+#---------------------------------------------------------------------
+
+use List::MoreUtils qw(uniq);
+
+print "\n>>>> Generating targetConfig data base... \n";
+$source=$ARGV[0];
+$build=$ARGV[1];
+$target=$ARGV[2];
+$targetConfigPath = "$source/platform/targets/$target/target.cfg";
+$final_output = "$build/platform/$target/pal_database";
+$output_c = "$build/platform/$target/targetConfigGen.c";
+$input_h = "$source/val/nspe/val_target.h";
+
+$final_output_file = undef;
+if($final_output =~ /([0-9a-zA-Z_]+)$/) {
+ $final_output_file = $1;
+}
+
+@unique_devices = undef;
+
+open(IN, $targetConfigPath) or die "Unable to open $targetConfigPath $!";
+open(OUT, '>', $output_c) or die "Unable to open: $!";
+
+#---------------------------------------------------------------------
+# Open header file and go through enum definition to find group of
+# each component; rather than making partner do it. Store in a hash.
+#---------------------------------------------------------------------
+open(IN0, $input_h) or die "Unable to open: $!";
+my %comp_groups;
+while(<IN0>) {
+ if($_ =~ /COMPONENT_GROUPING/) {
+ while($nextline !~ /\}/) {
+ $nextline = <IN0>;
+ #print "$nextline";
+ if($nextline =~ /(\S+)(\s*)\=(\s*)GROUP_([0-9a-zA-Z_]+)(,*)\n/) {
+ $comp_groups{$1} = $4;
+ }
+ }
+ }
+}
+close IN0;
+#print keys %comp_groups, "\n";
+#print values %comp_groups, "\n";
+#---------------------------------------------------------------------
+
+print OUT '#include "val_target.h"',"\n";
+print OUT '#include <stdio.h>',"\n\n";
+
+print OUT "int main\(void\) \{\n";
+
+while(<IN>) {
+ if($_ !~ /^\//) {# exclude commented lines
+
+ if($_ =~ /(\S+)\.num(\s*)\=(\s*)(\d+)(\s*)\;/) {
+ print OUT lc($comp_groups{uc($1)}),"_desc_t $1\[$4\];\n";
+ print OUT "int $1","_num_instances \= $4\;\n";
+
+ # For each instance of this device
+ for ($count = 0; $count < $4; $count++) {
+ print OUT "$1\[$count\]\.cfg_type\.cfg_id \= \(GROUP_",$comp_groups{uc($1)}," << 24\) \+ \(",$comp_groups{uc($1)},"_",uc($1)," << 16\) \+ $count\;\n";
+ print OUT "$1\[$count\]\.cfg_type\.size \= sizeof\($1\)\/$1","_num_instances\;\n";
+ print OUT "$1\[$count\]\.cfg_type\.size \|\= $1","_num_instances << 24\;\n";
+ }
+
+ push(@unique_devices, $1);
+ push(@unique_groups, $comp_groups{uc($1)});
+ }
+ #elsif($_ =~ /(\S+)\.(\d+)\.(\S+)(\s*)\=(\s*)(\S+)(\s*)\;/) {
+ elsif($_ =~ /(\S+)\.(\d+)\.(\S+)(\s*)\=(\s*)(.+)\;/) {
+ print OUT "$1\[$2\]\.$3 \= $6\;\n";
+ }
+ else {
+ print OUT $_;
+ }
+
+ }
+}
+
+# Remove empty elements from array
+@unique_devices = grep { $_ ne '' } @unique_devices;
+# Remove duplicate groups
+@unique_groups = uniq @unique_groups;
+@unique_groups = grep { $_ ne '' } @unique_groups;
+
+#print "@unique_devices\n";
+#print "@unique_groups\n\n";
+
+foreach $thisgroup (@unique_groups) {
+ print "\nGROUP $thisgroup \n";
+ print OUT lc($thisgroup),"_hdr_t group_",lc($thisgroup),"\;\n";
+ print OUT "int group_",lc($thisgroup),"_size \= sizeof(group_",lc($thisgroup),"\)\;\n";
+ print OUT "int group_",lc($thisgroup),"_count \= 0\;\n";
+
+ print OUT "group_",lc($thisgroup),"\.cfg_type\.cfg_id \= \(GROUP_",$thisgroup," << 24\)\;\n";
+
+ foreach $thisdevice (@unique_devices) {
+ if($comp_groups{uc($thisdevice)} eq $thisgroup) {
+ print "DEVICE $thisdevice \n";
+ print OUT "group_",lc($thisgroup),"_size \= group_",lc($thisgroup),"_size \+ sizeof\($thisdevice\)\;\n";
+ print OUT "group_",lc($thisgroup),"_count \= group_",lc($thisgroup),"_count \+ $thisdevice","_num_instances\;\n";
+
+ }
+ }
+ print OUT "group_",lc($thisgroup),"\.cfg_type\.size \= group_",lc($thisgroup),"_size\;\n";
+ print OUT "group_",lc($thisgroup),"\.num \= group_",lc($thisgroup),"_count\;\n";
+
+ print OUT "\n";
+}
+
+print OUT "\n";
+print OUT "uint32_t\* word_ptr\;\n";
+print OUT "int byte_no \= 0\;\n";
+#print OUT "int instance_no \= 0\;\n";
+#print OUT "int instance_size \= 0\;\n";
+#print OUT "device_type_t device_id\;\n";
+print OUT "FILE \* fp\;\n";
+print OUT "fp \= fopen\(\"",$final_output,"\.h\"\, \"w\"\)\;\n\n";
+
+# Printing out main header inside hex file
+#print OUT "fprintf\(fp\, \"#include \\\"pal_fvp_config\.h\\\"\\n\\n\"\)\;\n";
+print OUT "fprintf\(fp\, \"#ifndef ",uc($final_output_file),"\\n\"\)\;\n";
+print OUT "fprintf\(fp\, \"#define ",uc($final_output_file),"\\n\\n\"\)\;\n";
+print OUT "fprintf\(fp\, \"__attribute__\(\(section\(\\\"\.target_config_ns_data\\\"\)\)\)\\n\"\)\;\n";
+print OUT "fprintf\(fp\, \"const uint32_t\\n\"\)\;\n";
+print OUT "fprintf\(fp\, \"database[] \= \{\\n\"\)\;\n";
+
+# print OUT "fprintf\(fp\, \"0x\%08x\,\\n\"\, \"_CFG\"\)\;\n";
+# print OUT "fprintf\(fp\, \"0x\%08x\,\\n\"\, \" FVP\"\)\;\n";
+# print OUT "fprintf\(fp\, \"0x\%08x\,\\n\"\, \"_CFG\"\)\;\n";
+# TBSA_CFG header
+print OUT "fprintf\(fp\, \"0x\%x\"\, \'T\'\)\;\n";
+print OUT "fprintf\(fp\, \"\%x\"\, \'B\'\)\;\n";
+print OUT "fprintf\(fp\, \"\%x\"\, \'S\'\)\;\n";
+print OUT "fprintf\(fp\, \"\%x\,\\n\"\, \'A\'\)\;\n";
+print OUT "fprintf\(fp\, \"0x\%x\"\, \'_\'\)\;\n";
+print OUT "fprintf\(fp\, \"\%x\"\, \'C\'\)\;\n";
+print OUT "fprintf\(fp\, \"\%x\"\, \'F\'\)\;\n";
+print OUT "fprintf\(fp\, \"\%x\,\\n\"\, \'G\'\)\;\n";
+# FVP_CFG header
+print OUT "fprintf\(fp\, \"0x\%x\"\, \' \'\)\;\n";
+print OUT "fprintf\(fp\, \"\%x\"\, \'F\'\)\;\n";
+print OUT "fprintf\(fp\, \"\%x\"\, \'V\'\)\;\n";
+print OUT "fprintf\(fp\, \"\%x\,\\n\"\, \'P\'\)\;\n";
+print OUT "fprintf\(fp\, \"0x\%x\"\, \'_\'\)\;\n";
+print OUT "fprintf\(fp\, \"\%x\"\, \'C\'\)\;\n";
+print OUT "fprintf\(fp\, \"\%x\"\, \'F\'\)\;\n";
+print OUT "fprintf\(fp\, \"\%x\,\\n\"\, \'G\'\)\;\n";
+
+print OUT "uint32_t version \= 1\;\n";
+print OUT "fprintf\(fp\, \"0x\%08x\,\\n\"\, version\)\;\n";
+#print OUT "fwrite\(\&version\, 4\, 1\, fp\)\;\n";
+print OUT "uint32_t total_size \= 0\;\n";
+
+foreach $thisgroup (@unique_groups) {
+ print OUT "total_size \= total_size \+ group_",lc($thisgroup),"_size\;\n";
+}
+# foreach $thisdevice (@unique_devices) {
+# print OUT "total_size \= total_size \+ sizeof\($thisdevice\) \+ \(8\* $thisdevice","_num_instances\)\;\n";
+# }
+# Add main header size
+print OUT "total_size \= total_size \+8 \+8 \+4 \+4 \+4\;\n";
+#print OUT "fwrite\(\&total_size\, 4\, 1\, fp\)\;\n\n";
+print OUT "fprintf\(fp\, \"0x\%08x\,\\n\"\, total_size\)\;\n";
+
+
+foreach $thisgroup (@unique_groups) {
+ print OUT "word_ptr \= \(uint32_t \*\)\&group_",lc($thisgroup),"\;\n";
+ print OUT "for\(byte_no\=0\; byte_no\<\sizeof\(group_",lc($thisgroup),"\)\; byte_no\=byte_no\+4\)\{\n";
+ #print OUT "fwrite\(word_ptr\, 4\, 1\, fp\)\;\n";
+ #print OUT "printf\(\"\%08x\,\\n\"\, \*word_ptr\)\;\n";
+ print OUT "fprintf\(fp\, \"0x\%08x\,\\n\"\, \*word_ptr\)\;\n";
+ print OUT "word_ptr\+\+\;\n";
+ print OUT "\}\n";
+
+ foreach $thisdevice (@unique_devices) {
+ if($comp_groups{uc($thisdevice)} eq $thisgroup) {
+ print OUT "\tword_ptr \= \(uint32_t \*\)\&","$thisdevice","\[0\]\;\n";
+ print OUT "\tfor\(byte_no\=0\; byte_no\<\sizeof\($thisdevice\)\; byte_no\=byte_no\+4\)\{\n";
+ #print OUT "\tfwrite\(word_ptr\, 4\, 1\, fp\)\;\n";
+ #print OUT "\tprintf\(\"\%08x\,\\n\"\, \*word_ptr\)\;\n";
+ print OUT "\tfprintf\(fp\, \"0x\%08x\,\\n\"\, \*word_ptr\)\;\n";
+ print OUT "\tword_ptr\+\+\;\n";
+ print OUT "\t\}\n";
+ }
+ }
+}
+print OUT "fprintf\(fp\, \"0x\%08x\\n\"\, 0xffffffff\)\;\n";
+print OUT "fprintf\(fp\, \"\}\;\\n\\n\"\)\;\n";
+print OUT "fprintf\(fp\, \"#endif \\n\"\)\;\n";
+
+
+print OUT "\nreturn 0;\}\/\/int main";
+
+#generate pal_database.h file
+print "gcc $output_c -o $build/platform/$target/targetConfigGen -I$source/val/nspe -I$source/val/common\n";
+system("gcc $output_c -o $build/platform/$target/targetConfigGen -I$source/val/nspe -I$source/val/common") && die ("Failed to compile targetConfigGen.c \n");
+print "./$build/platform/$target/targetConfigGen\n";
+system("./$build/platform/$target/targetConfigGen ") && die ("Failed to generate targetConfig data base \n");
diff --git a/psa-ff/tools/scripts/test_elf_combine.pl b/psa-ff/tools/scripts/test_elf_combine.pl
new file mode 100755
index 0000000..5898858
--- /dev/null
+++ b/psa-ff/tools/scripts/test_elf_combine.pl
@@ -0,0 +1,89 @@
+#!/usr/bin/env perl
+#/** @file
+# * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+# * SPDX-License-Identifier : Apache-2.0
+# *
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# *
+# * http://www.apache.org/licenses/LICENSE-2.0
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+#**/
+
+use File::Find;
+use File::Basename;
+use List::MoreUtils 'uniq';
+
+print "\n>>>> Combining test ELFs... \n";
+
+#Inputs
+$suite = $ARGV[0];
+$test_list_file = $ARGV[1];
+
+@suite_out = split("/.testlist.txt", $test_list_file);
+
+# Final output elf file
+$output_elf = "$suite_out[0]/test_elf_combine.bin";
+
+
+my @all_elf_paths;
+@test_list = `cat $test_list_file`;
+
+
+open(OUT, '>:raw', $output_elf) or die "Unable to open: $!";
+
+# Collecting all elf file paths
+
+foreach $test (@test_list)
+{
+ chomp($test);
+ push @all_elf_paths, "$suite_out[0]/$test/test.elf";
+ if (!(-e "$suite_out[0]/$test/test.elf"))
+ {
+ print "ELF not found - $suite_out[0]/$test/test.elf\n";
+ exit 1;
+ }
+}
+
+foreach $elf (@all_elf_paths) {
+
+ # Find elf sizes
+ $elf_size = -s $elf;
+
+ # Get readelf program header info from either elf and process it
+ $out = `readelf -l $elf`;
+ if($out =~ /LOAD(\s+)(0[xX][0-9a-fA-F]+)/)
+ {
+ $program_header = hex($2);
+ }
+
+ # Determining test_id from elf at location pointed by program header
+ open(TEST_NS_ID, '<:raw', $elf) or die "Unable to open: $!";
+ seek(TEST_NS_ID, $program_header, 0);
+ read TEST_NS_ID, $test_id_raw, 4;
+
+ $test_id = unpack('L<', $test_id_raw);
+ close TEST_NS_ID;
+
+ printf("test_id:\t%4d, ", $test_id);
+ print "ELF:$elf,\tSIZE:$elf_size\n";
+
+ # 'L' unsigned-32 ; '<' Little endian
+ print OUT pack('L<', 0xFACEFACE);
+ print OUT pack('L<', $test_id);
+ print OUT pack('L<', $elf_size);
+
+ # Temporarily closing final ELF to concatenate ELFs
+ close OUT;
+ system("cat $elf >> $output_elf");
+ # Open final ELF again
+ open(OUT, '>>:raw', $output_elf) or die "Unable to open: $!";
+}
+print OUT pack('L<', 0xC3C3C3C3);
+close OUT;
diff --git a/psa-ff/val/common/val.h b/psa-ff/val/common/val.h
new file mode 100644
index 0000000..b3e66f1
--- /dev/null
+++ b/psa-ff/val/common/val.h
@@ -0,0 +1,258 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _VAL_COMMON_H_
+#define _VAL_COMMON_H_
+
+#include <string.h>
+#include <stdint.h>
+#include <stdlib.h>
+
+/* typedef's */
+typedef uint8_t bool_t;
+typedef uint32_t addr_t;
+typedef uint32_t test_id_t;
+typedef uint32_t block_id_t;
+typedef char char8_t;
+typedef uint32_t cfg_id_t;
+
+
+#ifndef VAL_NSPE_BUILD
+#define STATIC_DECLARE static
+#else
+#define STATIC_DECLARE
+#endif
+
+#ifndef __WEAK
+#define __WEAK __attribute__((weak))
+#endif
+
+#ifndef __UNUSED
+#define __UNUSED __attribute__((unused))
+#endif
+
+#ifndef TRUE
+#define TRUE 0
+#endif
+#ifndef FALSE
+#define FALSE 1
+#endif
+
+/* test status defines */
+#define TEST_START 0x01
+#define TEST_END 0x02
+#define TEST_PASS 0x04
+#define TEST_FAIL 0x08
+#define TEST_SKIP 0x10
+#define TEST_PENDING 0x20
+
+#define TEST_NUM_BIT 32
+#define TEST_STATE_BIT 8
+#define TEST_STATUS_BIT 0
+
+#define TEST_NUM_MASK 0xFFFFFFFF
+#define TEST_STATE_MASK 0xFF
+#define TEST_STATUS_MASK 0xFF
+
+#define RESULT_START(status) (((TEST_START) << TEST_STATE_BIT) | ((status) << TEST_STATUS_BIT))
+#define RESULT_END(status) (((TEST_END) << TEST_STATE_BIT) | ((status) << TEST_STATUS_BIT))
+#define RESULT_PASS(status) (((TEST_PASS) << TEST_STATE_BIT) | ((status) << TEST_STATUS_BIT))
+#define RESULT_FAIL(status) (((TEST_FAIL) << TEST_STATE_BIT) | ((status) << TEST_STATUS_BIT))
+#define RESULT_SKIP(status) (((TEST_SKIP) << TEST_STATE_BIT) | ((status) << TEST_STATUS_BIT))
+#define RESULT_PENDING(status) (((TEST_PENDING) << TEST_STATE_BIT) | ((status) << TEST_STATUS_BIT))
+
+#define IS_TEST_FAIL(status) (((status >> TEST_STATE_BIT) & TEST_STATE_MASK) == TEST_FAIL)
+#define IS_TEST_PASS(status) (((status >> TEST_STATE_BIT) & TEST_STATE_MASK) == TEST_PASS)
+#define IS_TEST_SKIP(status) (((status >> TEST_STATE_BIT) & TEST_STATE_MASK) == TEST_SKIP)
+#define IS_TEST_PENDING(status) (((status >> TEST_STATE_BIT) & TEST_STATE_MASK) == TEST_PENDING)
+#define IS_TEST_START(status) (((status >> TEST_STATE_BIT) & TEST_STATE_MASK) == TEST_START)
+#define IS_TEST_END(status) (((status >> TEST_STATE_BIT) & TEST_STATE_MASK) == TEST_END)
+#define VAL_ERROR(status) (status?1:0)
+
+
+
+/* Test Defines */
+#define TEST_PUBLISH(test_id, entry) \
+ const val_test_info_t __attribute__((section(".acs_test_info"))) acs_test_info = {test_id, entry}
+
+#define VAL_MAX_TEST_PER_COMP 200
+#define VAL_FF_BASE 0
+#define VAL_CRYPTO_BASE 1
+#define VAL_GET_COMP_NUM(test_id) \
+ ((test_id - (test_id % VAL_MAX_TEST_PER_COMP)) / VAL_MAX_TEST_PER_COMP)
+#define VAL_GET_TEST_NUM(test_id) (test_id % VAL_MAX_TEST_PER_COMP)
+#define VAL_CREATE_TEST_ID(comp,num) ((comp*VAL_MAX_TEST_PER_COMP) + num)
+
+#define TEST_FIELD(num1,num2) (num2 << 8 | num1)
+#define GET_TEST_ISOLATION_LEVEL(num) (num & 0x3)
+#define GET_WD_TIMOUT_TYPE(num) ((num >> 8) & 0x3)
+
+#define TEST_CHECKPOINT_NUM(n) n
+#define TEST(n) n
+#define BLOCK(n) n
+
+#define BLOCK_NUM_POS 8
+#define ACTION_POS 16
+#define GET_TEST_NUM(n) (0xff & n)
+#define GET_BLOCK_NUM(n) ((n >> BLOCK_NUM_POS) & 0xff)
+
+#define GET_ACTION_NUM(n) ((n >> ACTION_POS) & 0xff)
+#define TEST_EXECUTE_FUNC 1
+#define TEST_RETURN_RESULT 2
+#define INVALID_HANDLE 0x1234DEAD
+
+#define VAL_NVMEM_BLOCK_SIZE 4
+#define VAL_NVMEM_OFFSET(nvmem_idx) (nvmem_idx * VAL_NVMEM_BLOCK_SIZE)
+
+#define UART_INIT_SIGN 0xff
+
+/* enums */
+typedef enum {
+ NONSECURE = 0x0,
+ SECURE = 0x1,
+} security_t;
+
+typedef enum {
+ TEST_ISOLATION_L1 = 0x1,
+ TEST_ISOLATION_L2 = 0x2,
+ TEST_ISOLATION_L3 = 0x3,
+} test_isolation_level_t;
+
+typedef enum {
+ BOOT_UNKNOWN = 0x1,
+ BOOT_NOT_EXPECTED = 0x2,
+ BOOT_EXPECTED_NS = 0x3,
+ BOOT_EXPECTED_S = 0x4,
+ BOOT_EXPECTED_BUT_FAILED = 0x5,
+ BOOT_EXPECTED_CRYPTO = 0x6,
+} boot_state_t;
+
+typedef enum {
+ NV_BOOT = 0x0,
+ NV_TEST_ID_PREVIOUS = 0x1,
+ NV_TEST_ID_CURRENT = 0x2,
+ NV_TEST_CNT = 0x3,
+} nvmem_index_t;
+
+typedef enum {
+ WD_INIT_SEQ = 0x1,
+ WD_ENABLE_SEQ = 0x2,
+ WD_DISABLE_SEQ = 0x3,
+ WD_STATUS_SEQ = 0x4,
+} wd_fn_type_t;
+
+typedef enum {
+ WD_LOW_TIMEOUT = 0x1,
+ WD_MEDIUM_TIMEOUT = 0x2,
+ WD_HIGH_TIMEOUT = 0x3,
+} wd_timeout_type_t;
+
+typedef enum {
+ NVMEM_READ = 0x1,
+ NVMEM_WRITE = 0x2,
+} nvmem_fn_type_t;
+
+/* enums to report test sub-state */
+typedef enum {
+ VAL_STATUS_SUCCESS = 0x0,
+ VAL_STATUS_INVALID = 0x10,
+ VAL_STATUS_ERROR = 0x11,
+ VAL_STATUS_NOT_FOUND = 0x12,
+ VAL_STATUS_LOAD_ERROR = 0x13,
+ VAL_STATUS_INSUFFICIENT_SIZE = 0x14,
+ VAL_STATUS_CONNECTION_FAILED = 0x15,
+ VAL_STATUS_CALL_FAILED = 0x16,
+ VAL_STATUS_READ_FAILED = 0x17,
+ VAL_STATUS_WRITE_FAILED = 0x18,
+ VAL_STATUS_ISOLATION_LEVEL_NOT_SUPP = 0x19,
+ VAL_STATUS_INIT_FAILED = 0x1A,
+ VAL_STATUS_SPM_FAILED = 0x1B,
+ VAL_STATUS_SPM_UNEXPECTED_BEH = 0x1C,
+ VAL_STATUS_FRAMEWORK_VERSION_FAILED = 0x1D,
+ VAL_STATUS_VERSION_API_FAILED = 0x1E,
+ VAL_STATUS_INVALID_HANDLE = 0x1F,
+ VAL_STATUS_INVALID_MSG_TYPE = 0x20,
+ VAL_STATUS_WRONG_IDENTITY = 0x21,
+ VAL_STATUS_MSG_INSIZE_FAILED = 0x22,
+ VAL_STATUS_MSG_OUTSIZE_FAILED = 0x23,
+ VAL_STATUS_SKIP_FAILED = 0x24,
+ VAL_STATUS_CRYPTO_FAILURE = 0x25,
+ VAL_STATUS_INVALID_SIZE = 0x26,
+ VAL_STATUS_DATA_MISMATCH = 0x27,
+ VAL_STATUS_BOOT_EXPECTED_BUT_FAILED = 0x28,
+} val_status_t;
+
+/* verbosity enums */
+typedef enum {
+ PRINT_INFO = 1,
+ PRINT_DEBUG = 2,
+ PRINT_TEST = 3,
+ PRINT_WARN = 4,
+ PRINT_ERROR = 5,
+ PRINT_ALWAYS = 9
+} print_verbosity_t;
+
+/* typedef's */
+typedef struct {
+ boot_state_t state;
+} boot_t;
+
+typedef struct {
+ uint32_t pass_cnt:8;
+ uint32_t skip_cnt:8;
+ uint32_t fail_cnt:8;
+ uint32_t sim_error_cnt:8;
+} test_count_t;
+
+typedef struct {
+ wd_fn_type_t wd_fn_type;
+ wd_timeout_type_t wd_timeout_type;
+} wd_param_t;
+
+typedef struct {
+ nvmem_fn_type_t nvmem_fn_type;
+ uint32_t offset;
+ int size;
+} nvmem_param_t;
+
+typedef struct {
+ addr_t wd_base_addr;
+ uint32_t wd_time_us_low;
+ uint32_t wd_time_us_medium;
+ uint32_t wd_time_us_high;
+ uint32_t wd_timer_tick_us;
+ addr_t nvmem_base_addr;
+ addr_t uart_base_addr;
+} target_param_t;
+
+
+typedef struct {
+ uint16_t test_num;
+ uint8_t block_num;
+} test_info_t;
+
+
+/* struture to capture test state */
+typedef struct {
+ uint16_t reserved;
+ uint8_t state;
+ uint8_t status;
+} test_status_buffer_t;
+
+typedef int32_t (*client_test_t)(security_t caller);
+typedef int32_t (*server_test_t)(void);
+#endif /* VAL_COMMON_H */
diff --git a/psa-ff/val/common/val_client_defs.h b/psa-ff/val/common/val_client_defs.h
new file mode 100644
index 0000000..c18d8a7
--- /dev/null
+++ b/psa-ff/val/common/val_client_defs.h
@@ -0,0 +1,81 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _VAL_CLIENT_H_
+#define _VAL_CLIENT_H_
+
+/****************** PSA Client API *****************/
+
+/* Note - This header file containts the declaration of PSA defined client API elements.
+ * Ideally, These elements must be defined in a header file <psa_client.h> by SPM implemented
+ * library and provided to clients operation in NSPE and SPE as per the specification.
+ * If this is available in the platform, the elements declared as part of this
+ * file can be overwritten by passing --include <path_to_psa_client_h> to setup.sh script.
+ */
+
+#if ((PSA_API_ELEMENTS_AVAILABLE) || (!VAL_NSPE_BUILD))
+/* <psa_client.h>: Contains the Client API elements. Accessible to all applications */
+#include "psa_client.h"
+
+#else
+
+#include "val.h"
+#define PSA_FRAMEWORK_VERSION (0x000A)
+#define PSA_VERSION_NONE (0)
+#define PSA_SUCCESS (0)
+#define PSA_CONNECTION_REFUSED (INT32_MIN + 1)
+#define PSA_CONNECTION_BUSY (INT32_MIN + 2)
+#define PSA_DROP_CONNECTION (INT32_MIN)
+#define PSA_NULL_HANDLE ((psa_handle_t)0)
+
+typedef int32_t psa_status_t;
+typedef int32_t psa_handle_t;
+
+typedef struct psa_invec {
+ const void *base;
+ size_t len;
+} psa_invec;
+
+typedef struct psa_outvec {
+ void *base;
+ size_t len;
+} psa_outvec;
+
+uint32_t psa_framework_version(void);
+uint32_t psa_version(uint32_t sid);
+psa_handle_t psa_connect(uint32_t sid, uint32_t minor_version);
+psa_status_t psa_call(psa_handle_t handle,
+ const psa_invec *in_vec, size_t in_len,
+ psa_outvec *out_vec, size_t out_len);
+psa_status_t psa_close(psa_handle_t handle);
+#endif /* #if ((PSA_API_ELEMENTS_AVAILABLE) || (!VAL_NSPE_BUILD)) */
+
+#ifndef VAL_NSPE_BUILD
+/* <psa_sid.h>: Macro definitions derived from manifest files that provides a mapping
+ * from RoT service names to Service IDs (SIDs) for use with the Client API.
+ * Partition manifest parse build tool must provide the implementation of this file.
+*/
+#include "psa_sid.h"
+
+#else
+
+#include "pal_sid.h"
+
+#endif /* VAL_NSPE_BUILD */
+
+#define INVALID_SID 0x0000FA20
+#endif /* _VAL_CLIENT_H_ */
diff --git a/psa-ff/val/nspe/pal_interfaces_ns.h b/psa-ff/val/nspe/pal_interfaces_ns.h
new file mode 100644
index 0000000..0fe60fa
--- /dev/null
+++ b/psa-ff/val/nspe/pal_interfaces_ns.h
@@ -0,0 +1,47 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+#ifndef _PAL_INTERFACES_NS_H_
+#define _PAL_INTERFACES_NS_H_
+
+#include "val.h"
+#include <stdarg.h>
+
+/**
+ @brief - This function will read peripherals using SPI commands
+ @param - addr : address of the peripheral
+ data : read buffer
+ len : length of the read buffer in bytes
+ @return - error status
+**/
+int pal_spi_read(addr_t addr, uint8_t *data, uint32_t len);
+
+/* Target Config API */
+/**
+ @brief - provides the database source location.
+ @param - void
+ @return - Returns base address of database
+**/
+void *pal_target_get_cfg_start(void);
+
+/**
+ @brief - This API will call the requested crypto function
+ @param - type : function code
+ valist : variable argument list
+ @return - error status
+**/
+uint32_t pal_crypto_function(int type, va_list valist);
+#endif
diff --git a/psa-ff/val/nspe/val_crypto.c b/psa-ff/val/nspe/val_crypto.c
new file mode 100644
index 0000000..8843b77
--- /dev/null
+++ b/psa-ff/val/nspe/val_crypto.c
@@ -0,0 +1,53 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_crypto.h"
+#include "val_target.h"
+#include "pal_interfaces_ns.h"
+#include "val_framework.h"
+#include "val_client_defs.h"
+
+/**
+ @brief - This API will call the requested crypto function
+ @param - type : function code
+ ... : variable number of arguments
+ @return - Error status
+**/
+val_status_t val_crypto_function(int type, ...)
+{
+ va_list valist;
+ val_status_t status;
+
+ va_start(valist, type);
+ status = pal_crypto_function(type, valist);
+ va_end(valist);
+ return status;
+}
+
+/**
+ @brief - Checks if the key type is of raw bits
+ @param - type : type of the key
+ @return - True : If key type is raw bits
+ False: If key type is not raw bits
+**/
+int32_t val_crypto_key_type_is_raw(psa_key_type_t type)
+{
+ psa_key_type_t category = type & PSA_KEY_TYPE_CATEGORY_MASK;
+
+ return (category == PSA_KEY_TYPE_RAW_DATA ||
+ category == PSA_KEY_TYPE_CATEGORY_SYMMETRIC);
+}
diff --git a/psa-ff/val/nspe/val_crypto.h b/psa-ff/val/nspe/val_crypto.h
new file mode 100644
index 0000000..7b96da0
--- /dev/null
+++ b/psa-ff/val/nspe/val_crypto.h
@@ -0,0 +1,305 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _VAL_CRYPTO_H_
+#define _VAL_CRYPTO_H_
+
+#include "val.h"
+#include <stdarg.h>
+
+#define BYTES_TO_BITS(byte) (byte * 8)
+/* Size */
+#define AES_16B_KEY_SIZE 16
+#define AES_24B_KEY_SIZE 24
+#define AES_32B_KEY_SIZE 32
+#define AES_18B_KEY_SIZE 18
+#define AES_34B_KEY_SIZE 34
+#define DES_8B_KEY_SIZE 8
+#define DES3_2KEY_SIZE 16
+#define DES3_3KEY_SIZE 24
+#define SIZE_128B 128
+#define SIZE_256B 256
+#define SIZE_512B 512
+#define BUFFER_SIZE 1200
+#define HASH_64B 64
+
+/* Key Slot */
+#define INVALID_KEY_SLOT 0xDEAD
+#define ZERO_KEY_SLOT 0
+#define OCCUPIED_KEY_SLOT 1
+#define MAX_KEY_SLOT 32
+
+/* Key Type */
+#define PSA_KEY_TYPE_RAW_DATA ((psa_key_type_t)0x50000001)
+#define PSA_KEY_TYPE_CATEGORY_MASK ((psa_key_type_t)0x70000000)
+#define PSA_KEY_TYPE_CATEGORY_SYMMETRIC ((psa_key_type_t)0x40000000)
+#define PSA_KEY_TYPE_PAIR_FLAG ((psa_key_type_t)0x10000000)
+#define PSA_KEY_TYPE_AES ((psa_key_type_t)0x40000001)
+#define PSA_KEY_TYPE_DES ((psa_key_type_t)0x40000002)
+#define PSA_KEY_TYPE_RSA_PUBLIC_KEY ((psa_key_type_t)0x60010000)
+#define PSA_KEY_TYPE_RSA_KEYPAIR ((psa_key_type_t)0x70010000)
+#define PSA_KEY_TYPE_VENDOR_FLAG ((psa_key_type_t)0x80000000)
+#define PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE ((psa_key_type_t)0x60030000)
+#define PSA_KEY_TYPE_ECC_KEYPAIR_BASE ((psa_key_type_t)0x70030000)
+#define PSA_KEY_TYPE_ECC_CURVE_MASK ((psa_key_type_t)0x0000ffff)
+
+/* Key Lifetime */
+#define PSA_KEY_LIFETIME_VOLATILE ((psa_key_lifetime_t)0x00000000)
+#define PSA_KEY_LIFETIME_PERSISTENT ((psa_key_lifetime_t)0x00000001)
+#define PSA_KEY_LIFETIME_WRITE_ONCE ((psa_key_lifetime_t)0x7fffffff)
+#define PSA_KEY_LIFETIME_INVALID ((psa_key_lifetime_t)0xffffffff)
+
+/* Algorithm */
+#define PSA_ALG_BLOCK_CIPHER_PAD_NONE ((psa_algorithm_t)0x00000000)
+#define PSA_ALG_BLOCK_CIPHER_BASE ((psa_algorithm_t)0x04000000)
+#define PSA_KEY_USAGE_EXPORT ((psa_key_usage_t)0x00000001)
+#define PSA_KEY_USAGE_ENCRYPT ((psa_key_usage_t)0x00000100)
+#define PSA_KEY_USAGE_DECRYPT ((psa_key_usage_t)0x00000200)
+#define PSA_KEY_USAGE_SIGN ((psa_key_usage_t)0x00000400)
+#define PSA_KEY_USAGE_VERIFY ((psa_key_usage_t)0x00000800)
+#define PSA_KEY_USAGE_DERIVE ((psa_key_usage_t)0x00001000)
+#define PSA_ALG_RSA_PKCS1V15_SIGN_BASE ((psa_algorithm_t)0x10020000)
+#define PSA_ALG_ECDSA_BASE ((psa_algorithm_t)0x10060000)
+#define PSA_ALG_CATEGORY_ASYMMETRIC_ENCRYPTION ((psa_algorithm_t)0x12000000)
+#define PSA_ALG_RSA_PKCS1V15_SIGN_RAW PSA_ALG_RSA_PKCS1V15_SIGN_BASE
+#define PSA_KEY_USAGE_INVALID 0xFFFFFFFF
+#define PSA_ALG_INVALID 0xFFFFFFFF
+
+/* Hash Algorithm */
+#define PSA_ALG_CATEGORY_HASH ((psa_algorithm_t)0x01000000)
+#define PSA_ALG_HASH_MASK ((psa_algorithm_t)0x000000ff)
+#define PSA_ALG_MD2 ((psa_algorithm_t)0x01000001)
+#define PSA_ALG_MD4 ((psa_algorithm_t)0x01000002)
+#define PSA_ALG_MD5 ((psa_algorithm_t)0x01000003)
+#define PSA_ALG_RIPEMD160 ((psa_algorithm_t)0x01000004)
+#define PSA_ALG_SHA_1 ((psa_algorithm_t)0x01000005)
+#define PSA_ALG_SHA_224 ((psa_algorithm_t)0x01000008)
+#define PSA_ALG_SHA_256 ((psa_algorithm_t)0x01000009)
+#define PSA_ALG_SHA_384 ((psa_algorithm_t)0x0100000a)
+#define PSA_ALG_SHA_512 ((psa_algorithm_t)0x0100000b)
+#define PSA_ALG_SHA_512_224 ((psa_algorithm_t)0x0100000c)
+#define PSA_ALG_SHA_512_256 ((psa_algorithm_t)0x0100000d)
+#define PSA_ALG_SHA3_224 ((psa_algorithm_t)0x01000010)
+#define PSA_ALG_SHA3_256 ((psa_algorithm_t)0x01000011)
+#define PSA_ALG_SHA3_384 ((psa_algorithm_t)0x01000012)
+#define PSA_ALG_SHA3_512 ((psa_algorithm_t)0x01000013)
+
+/* Error codes */
+#define PSA_ERROR_UNKNOWN_ERROR ((psa_status_t)1)
+#define PSA_ERROR_NOT_SUPPORTED ((psa_status_t)2)
+#define PSA_ERROR_NOT_PERMITTED ((psa_status_t)3)
+#define PSA_ERROR_BUFFER_TOO_SMALL ((psa_status_t)4)
+#define PSA_ERROR_OCCUPIED_SLOT ((psa_status_t)5)
+#define PSA_ERROR_EMPTY_SLOT ((psa_status_t)6)
+#define PSA_ERROR_BAD_STATE ((psa_status_t)7)
+#define PSA_ERROR_INVALID_ARGUMENT ((psa_status_t)8)
+#define PSA_ERROR_INSUFFICIENT_MEMORY ((psa_status_t)9)
+#define PSA_ERROR_INSUFFICIENT_STORAGE ((psa_status_t)10)
+#define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t)11)
+#define PSA_ERROR_STORAGE_FAILURE ((psa_status_t)12)
+#define PSA_ERROR_HARDWARE_FAILURE ((psa_status_t)13)
+#define PSA_ERROR_TAMPERING_DETECTED ((psa_status_t)14)
+#define PSA_ERROR_INSUFFICIENT_ENTROPY ((psa_status_t)15)
+#define PSA_ERROR_INVALID_SIGNATURE ((psa_status_t)16)
+#define PSA_ERROR_INVALID_PADDING ((psa_status_t)17)
+#define PSA_ERROR_INSUFFICIENT_CAPACITY ((psa_status_t)18)
+
+/* Encoding of curve identifiers */
+#define PSA_ECC_CURVE_SECT163K1 ((psa_ecc_curve_t) 0x0001)
+#define PSA_ECC_CURVE_SECT163R1 ((psa_ecc_curve_t) 0x0002)
+#define PSA_ECC_CURVE_SECT163R2 ((psa_ecc_curve_t) 0x0003)
+#define PSA_ECC_CURVE_SECT193R1 ((psa_ecc_curve_t) 0x0004)
+#define PSA_ECC_CURVE_SECT193R2 ((psa_ecc_curve_t) 0x0005)
+#define PSA_ECC_CURVE_SECT233K1 ((psa_ecc_curve_t) 0x0006)
+#define PSA_ECC_CURVE_SECT233R1 ((psa_ecc_curve_t) 0x0007)
+#define PSA_ECC_CURVE_SECT239K1 ((psa_ecc_curve_t) 0x0008)
+#define PSA_ECC_CURVE_SECT283K1 ((psa_ecc_curve_t) 0x0009)
+#define PSA_ECC_CURVE_SECT283R1 ((psa_ecc_curve_t) 0x000a)
+#define PSA_ECC_CURVE_SECT409K1 ((psa_ecc_curve_t) 0x000b)
+#define PSA_ECC_CURVE_SECT409R1 ((psa_ecc_curve_t) 0x000c)
+#define PSA_ECC_CURVE_SECT571K1 ((psa_ecc_curve_t) 0x000d)
+#define PSA_ECC_CURVE_SECT571R1 ((psa_ecc_curve_t) 0x000e)
+#define PSA_ECC_CURVE_SECP160K1 ((psa_ecc_curve_t) 0x000f)
+#define PSA_ECC_CURVE_SECP160R1 ((psa_ecc_curve_t) 0x0010)
+#define PSA_ECC_CURVE_SECP160R2 ((psa_ecc_curve_t) 0x0011)
+#define PSA_ECC_CURVE_SECP192K1 ((psa_ecc_curve_t) 0x0012)
+#define PSA_ECC_CURVE_SECP192R1 ((psa_ecc_curve_t) 0x0013)
+#define PSA_ECC_CURVE_SECP224K1 ((psa_ecc_curve_t) 0x0014)
+#define PSA_ECC_CURVE_SECP224R1 ((psa_ecc_curve_t) 0x0015)
+#define PSA_ECC_CURVE_SECP256K1 ((psa_ecc_curve_t) 0x0016)
+#define PSA_ECC_CURVE_SECP256R1 ((psa_ecc_curve_t) 0x0017)
+#define PSA_ECC_CURVE_SECP384R1 ((psa_ecc_curve_t) 0x0018)
+#define PSA_ECC_CURVE_SECP521R1 ((psa_ecc_curve_t) 0x0019)
+#define PSA_ECC_CURVE_BRAINPOOL_P256R1 ((psa_ecc_curve_t) 0x001a)
+#define PSA_ECC_CURVE_BRAINPOOL_P384R1 ((psa_ecc_curve_t) 0x001b)
+#define PSA_ECC_CURVE_BRAINPOOL_P512R1 ((psa_ecc_curve_t) 0x001c)
+#define PSA_ECC_CURVE_CURVE25519 ((psa_ecc_curve_t) 0x001d)
+#define PSA_ECC_CURVE_CURVE448 ((psa_ecc_curve_t) 0x001e)
+#define PSA_ECC_CURVE_FFDHE_2048 ((psa_ecc_curve_t) 0x0100)
+#define PSA_ECC_CURVE_FFDHE_3072 ((psa_ecc_curve_t) 0x0101)
+#define PSA_ECC_CURVE_FFDHE_4096 ((psa_ecc_curve_t) 0x0102)
+#define PSA_ECC_CURVE_FFDHE_6144 ((psa_ecc_curve_t) 0x0103)
+#define PSA_ECC_CURVE_FFDHE_8192 ((psa_ecc_curve_t) 0x0104)
+
+#define PSA_ALG_HMAC_HASH(hmac_alg) \
+ (PSA_ALG_CATEGORY_HASH | ((hmac_alg) & PSA_ALG_HASH_MASK))
+
+/* The size of the output hash */
+#define PSA_HASH_SIZE(alg) \
+ ( \
+ PSA_ALG_HMAC_HASH(alg) == PSA_ALG_MD2 ? 16 : \
+ PSA_ALG_HMAC_HASH(alg) == PSA_ALG_MD4 ? 16 : \
+ PSA_ALG_HMAC_HASH(alg) == PSA_ALG_MD5 ? 16 : \
+ PSA_ALG_HMAC_HASH(alg) == PSA_ALG_RIPEMD160 ? 20 : \
+ PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_1 ? 20 : \
+ PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_224 ? 28 : \
+ PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_256 ? 32 : \
+ PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_384 ? 48 : \
+ PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_512 ? 64 : \
+ PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_512_224 ? 28 : \
+ PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA_512_256 ? 32 : \
+ PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_224 ? 28 : \
+ PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_256 ? 32 : \
+ PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_384 ? 48 : \
+ PSA_ALG_HMAC_HASH(alg) == PSA_ALG_SHA3_512 ? 64 : \
+ 0)
+
+/** The public key type corresponding to a key pair type. */
+#define PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) \
+ ((type) & ~PSA_KEY_TYPE_PAIR_FLAG)
+
+/** Whether a key type is an RSA key (pair or public-only). */
+#define PSA_KEY_TYPE_IS_RSA(type) \
+ (PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) == PSA_KEY_TYPE_RSA_PUBLIC_KEY)
+
+/** Whether a key type is an elliptic curve key (pair or public-only). */
+#define PSA_KEY_TYPE_IS_ECC(type) \
+ ((PSA_KEY_TYPE_PUBLIC_KEY_OF_KEYPAIR(type) & \
+ ~PSA_KEY_TYPE_ECC_CURVE_MASK) == PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
+#define PSA_KEY_TYPE_IS_ECC_KEYPAIR(type) \
+ (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \
+ PSA_KEY_TYPE_ECC_KEYPAIR_BASE)
+#define PSA_KEY_TYPE_IS_ECC_PUBLIC_KEY(type) \
+ (((type) & ~PSA_KEY_TYPE_ECC_CURVE_MASK) == \
+ PSA_KEY_TYPE_ECC_PUBLIC_KEY_BASE)
+
+typedef uint16_t psa_ecc_curve_t;
+typedef uint32_t psa_key_usage_t;
+typedef uint32_t psa_algorithm_t;
+typedef int32_t psa_status_t;
+typedef uint32_t psa_key_type_t;
+typedef uint32_t psa_key_slot_t;
+typedef uint32_t psa_key_lifetime_t;
+
+enum crypto_function_code {
+ VAL_CRYPTO_INIT = 0x1,
+ VAL_CRYPTO_GENERATE_RANDOM = 0x2,
+ VAL_CRYPTO_IMPORT_KEY = 0x3,
+ VAL_CRYPTO_EXPORT_KEY = 0x4,
+ VAL_CRYPTO_EXPORT_PUBLIC_KEY = 0x5,
+ VAL_CRYPTO_DESTROY_KEY = 0x6,
+ VAL_CRYPTO_GET_KEY_INFO = 0x7,
+ VAL_CRYPTO_KEY_POLICY_INIT = 0x8,
+ VAL_CRYPTO_KEY_POLICY_SET_USAGE = 0x9,
+ VAL_CRYPTO_KEY_POLICY_GET_USAGE = 0xA,
+ VAL_CRYPTO_KEY_POLICY_GET_ALGORITHM = 0xB,
+ VAL_CRYPTO_SET_KEY_POLICY = 0xC,
+ VAL_CRYPTO_GET_KEY_POLICY = 0xD,
+ VAL_CRYPTO_GET_KEY_INFORMATION = 0xE,
+ VAL_CRYPTO_GET_KEY_LIFETIME = 0xF,
+ VAL_CRYPTO_SET_KEY_LIFETIME = 0x10,
+ VAL_CRYPTO_HASH_SETUP = 0x11,
+ VAL_CRYPTO_HASH_UPDATE = 0x12,
+ VAL_CRYPTO_HASH_VERIFY = 0x13,
+ VAL_CRYPTO_HASH_FINISH = 0x14,
+ VAL_CRYPTO_HASH_ABORT = 0x15,
+};
+
+struct psa_key_policy_s {
+ psa_key_usage_t usage;
+ psa_algorithm_t alg;
+};
+
+typedef struct {
+ unsigned char cksum[16]; /*!< checksum of the data block */
+ unsigned char state[48]; /*!< intermediate digest state */
+ unsigned char buffer[16]; /*!< data block being processed */
+ size_t left; /*!< amount of data in buffer */
+} mbedtls_md2_context;
+
+typedef struct {
+ uint32_t total[2]; /*!< number of bytes processed */
+ uint32_t state[4]; /*!< intermediate digest state */
+ unsigned char buffer[64]; /*!< data block being processed */
+} mbedtls_md4_context;
+
+typedef struct {
+ uint32_t total[2]; /*!< number of bytes processed */
+ uint32_t state[4]; /*!< intermediate digest state */
+ unsigned char buffer[64]; /*!< data block being processed */
+} mbedtls_md5_context;
+
+typedef struct {
+ uint32_t total[2]; /*!< number of bytes processed */
+ uint32_t state[5]; /*!< intermediate digest state */
+ unsigned char buffer[64]; /*!< data block being processed */
+} mbedtls_ripemd160_context;
+
+typedef struct {
+ uint32_t total[2]; /*!< The number of Bytes processed. */
+ uint32_t state[5]; /*!< The intermediate digest state. */
+ unsigned char buffer[64]; /*!< The data block being processed. */
+} mbedtls_sha1_context;
+
+typedef struct {
+ uint32_t total[2]; /*!< The number of Bytes processed. */
+ uint32_t state[8]; /*!< The intermediate digest state. */
+ unsigned char buffer[64]; /*!< The data block being processed. */
+ int is224; /*!< Determines which function to use:
+ 0: Use SHA-256, or 1: Use SHA-224. */
+} mbedtls_sha256_context;
+
+typedef struct {
+ uint64_t total[2]; /*!< The number of Bytes processed. */
+ uint64_t state[8]; /*!< The intermediate digest state. */
+ unsigned char buffer[128]; /*!< The data block being processed. */
+ int is384; /*!< Determines which function to use:
+ 0: Use SHA-512, or 1: Use SHA-384. */
+} mbedtls_sha512_context;
+
+struct psa_hash_operation_s
+{
+ psa_algorithm_t alg;
+ union
+ {
+ unsigned dummy; /* Make the union non-empty even with no supported algorithms. */
+ mbedtls_md2_context md2;
+ mbedtls_md4_context md4;
+ mbedtls_md5_context md5;
+ mbedtls_ripemd160_context ripemd160;
+ mbedtls_sha1_context sha1;
+ mbedtls_sha256_context sha256;
+ mbedtls_sha512_context sha512;
+ } ctx;
+};
+
+typedef struct psa_hash_operation_s psa_hash_operation_t;
+typedef struct psa_key_policy_s psa_key_policy_t;
+
+val_status_t val_crypto_function(int type, ...);
+int32_t val_crypto_key_type_is_raw(psa_key_type_t type);
+#endif /* _VAL_CRYPTO_H_ */
diff --git a/psa-ff/val/nspe/val_dispatcher.c b/psa-ff/val/nspe/val_dispatcher.c
new file mode 100644
index 0000000..ae222cb
--- /dev/null
+++ b/psa-ff/val/nspe/val_dispatcher.c
@@ -0,0 +1,436 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_framework.h"
+#include "val_dispatcher.h"
+#include "val_interfaces.h"
+#include "val_peripherals.h"
+#include "val_target.h"
+
+extern val_api_t val_api;
+extern psa_api_t psa_api;
+
+/* gloabls */
+addr_t g_test_info_addr;
+uint32_t combine_test_binary_in_ram;
+addr_t combine_test_binary_addr;
+
+static const unsigned char elf_magic_header[ELF_IDENT] = {
+ /* 0x7f, 'E', 'L', 'F' */
+ 0x7f, 0x45, 0x4c, 0x46,
+ /* Only 32-bit objects */
+ 0x01,
+ /* Only LSB data. */
+ 0x01,
+ /* Only ELF version 1. */
+ 0x01,
+ 0x0,
+ 0x0,
+ 0x0,
+ 0x0,
+ 0x0,
+ 0x0,
+ 0x0,
+ 0x0,
+ 0x0
+};
+
+/**
+ @brief - This API will copy the length of data from addr to *data
+ @param - addr : address to be read
+ data pointer : address to which data will be copied
+ len : length of data to be copy in bytes
+ @return - error status
+**/
+val_status_t val_mem_copy(addr_t addr, uint8_t *data, uint32_t len)
+{
+ if (combine_test_binary_in_ram)
+ {
+ memcpy((void*)data, (void *)addr, len);
+ return VAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return val_spi_read(addr, data, len);
+ }
+}
+
+
+/**
+ @brief - This function parses ELF header, entry address(test info addreess)
+ and program headers. Copies the loadable segments to system memory.
+ @return - Returns Success/Failure
+**/
+int val_copy_elf(uint32_t saddr, uint32_t *info_addr)
+{
+ elf_header_t test_elfh;
+ elf_pheader_t test_ph;
+ int i;
+
+ if (0 != val_mem_copy(saddr, (uint8_t *)&test_elfh, sizeof(elf_header_t)))
+ {
+ val_print(PRINT_ERROR, "Error: read failure for Test ELF header\n", 0);
+ return -1;
+ }
+
+ /* validate ELF header */
+ if (0 != memcmp(&test_elfh.e_ident, &elf_magic_header, ELF_IDENT))
+ {
+ val_print(PRINT_ERROR, "Fail: Test ELF header validation\n", 0);
+ return -1;
+ }
+
+ for (i = 0; i < test_elfh.e_phnum; i++)
+ {
+ /* Read the program header */
+ if (0 != val_mem_copy((saddr + test_elfh.e_phoff + (sizeof(elf_pheader_t)*i)),
+ (uint8_t *)&test_ph, sizeof(elf_pheader_t)))
+ {
+ val_print(PRINT_ERROR, "Error: reading Test program header\n", 0);
+ return -1;
+ }
+
+ /* Load the program to physical RAM */
+ if (0 != val_mem_copy((saddr + test_ph.p_offset),
+ (uint8_t *)test_ph.p_paddr, test_ph.p_filesz))
+ {
+ val_print(PRINT_ERROR, "Error: reading Test program header\n", 0);
+ return -1;
+ }
+ }
+
+ *info_addr = test_elfh.e_entry;
+ return 0;
+}
+
+/**
+ @brief - This function reads the test ELFs from RAM or secondary storage and loads into
+ system memory
+ @param - test_id : Returns the current test ID
+ - test_id_prev : Previous test ID.
+ @return - Error code
+**/
+val_status_t val_test_load(test_id_t *test_id, test_id_t test_id_prev)
+{
+ test_header_t test_header;
+ addr_t flash_addr = combine_test_binary_addr;
+
+ /*
+ * The combined Test ELF binary:
+ *
+ * ----------------------
+ * | Custom Test Header*|
+ * |--------------------|
+ * | Test-1 Image |
+ * ----------------------
+ * | Custom Test Header*|
+ * ----------------------
+ * | Test-2 Image |
+ * |--------------------|
+ * | Custom Test Header*|
+ * :
+ * :
+ * ----------------------
+ * | END Marker |
+ * ----------------------
+ *
+ */
+
+ if (test_id_prev != VAL_INVALID_TEST_ID)
+ {
+ /* Jump to last test run + 1 */
+ do
+ {
+ if (val_mem_copy(flash_addr, (uint8_t *)&test_header, sizeof(test_header_t)))
+ {
+ val_print(PRINT_ERROR, "Error: reading Test program header\n", 0);
+ return VAL_STATUS_LOAD_ERROR;
+ }
+
+ if (test_header.start_marker == VAL_TEST_END_MARKER)
+ {
+ val_print(PRINT_ERROR, "\n\nNo more valid tests found. Exiting..", 0);
+ *test_id = VAL_INVALID_TEST_ID;
+ return VAL_STATUS_SUCCESS;
+ }
+
+ if (test_header.start_marker != VAL_TEST_START_MARKER)
+ {
+ flash_addr += 0x4;
+ continue;
+ }
+
+ if ((test_header.start_marker == VAL_TEST_START_MARKER)
+ && (test_header.test_id == test_id_prev))
+ {
+ flash_addr += (sizeof(test_header_t) + test_header.elf_size);
+ break;
+ }
+
+ flash_addr += (sizeof(test_header_t) + test_header.elf_size);
+ } while(1);
+ }
+
+ if (val_mem_copy(flash_addr, (uint8_t *)&test_header, sizeof(test_header_t)))
+ {
+ val_print(PRINT_ERROR, "\n\nError: reading custom Test header", 0);
+ return VAL_STATUS_LOAD_ERROR;
+ }
+
+ if (test_header.start_marker == VAL_TEST_END_MARKER)
+ {
+ val_print(PRINT_ERROR, "\n\nNo more valid tests found. Exiting.", 0);
+ *test_id = VAL_INVALID_TEST_ID;
+ return VAL_STATUS_SUCCESS;
+ }
+
+ if (test_header.start_marker != VAL_TEST_START_MARKER)
+ {
+ val_print(PRINT_ERROR, "\n\nNo valid test binary found. Exiting.", 0);
+ *test_id = VAL_INVALID_TEST_ID;
+ return VAL_STATUS_LOAD_ERROR;
+ }
+
+ flash_addr += sizeof(test_header_t);
+ if (val_copy_elf(flash_addr, &g_test_info_addr))
+ {
+ val_print(PRINT_ERROR, "Error: loading Test program\n", 0);
+ return VAL_STATUS_LOAD_ERROR;
+ }
+
+ *test_id = test_header.test_id;
+ return VAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - This function reads the function pointer addresses for
+ test_entry
+ @param - paddr : Returns the Test function address
+ @return - Returns val_status_t
+**/
+val_status_t val_get_test_entry_addr(addr_t *paddr)
+{
+ *paddr = (addr_t)(((val_test_info_t *)g_test_info_addr)->entry_addr);
+ return VAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - Execute the function pointer which was given to us by the test
+ @param - void
+**/
+void val_execute_test_fn(void)
+{
+ test_fptr_t fn_ptr;
+ addr_t addr;
+
+ val_get_test_entry_addr(&addr);
+ fn_ptr = (test_fptr_t)addr;
+ fn_ptr(&val_api, &psa_api);
+ return;
+}
+
+/*
+ @brief - Reads the pre-defined component name against given test_id
+ @param - test_id : Current Test ID
+ @return - Component name
+*/
+char * val_get_comp_name(test_id_t test_id)
+{
+ switch (VAL_GET_COMP_NUM(test_id))
+ {
+ case VAL_FF_BASE:
+ return "\nRunning... IPC Suite";
+ case VAL_CRYPTO_BASE:
+ return "\nRunning... Crypto Suite";
+ default:
+ return "No Component";
+ }
+}
+
+/**
+ @brief - This function is responsible for setting up VAL infrastructure.
+ Loads test one by one from combine binary and calls test_entry
+ function of each test image.
+ @return - none
+**/
+void val_dispatcher(test_id_t test_id_prev)
+{
+
+ test_id_t test_id;
+ val_status_t status;
+ miscellaneous_desc_t *misc_desc;
+ boot_t boot;
+ test_count_t test_count;
+ uint32_t test_result;
+
+ status = val_target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MISCELLANEOUS,
+ MISCELLANEOUS_DUT, 0),
+ (uint8_t **)&misc_desc,
+ (uint32_t *)sizeof(miscellaneous_desc_t));
+ if (VAL_ERROR(status))
+ {
+ val_print(PRINT_ERROR, "\n\ttarget config read failed", 0);
+ return;
+ }
+
+ combine_test_binary_addr = misc_desc->ns_start_addr_of_combine_test_binary;
+ combine_test_binary_in_ram = misc_desc->combine_test_binary_in_ram;
+ do
+ {
+ status = val_get_boot_flag(&boot.state);
+ if (VAL_ERROR(status))
+ {
+ break;
+ }
+
+ /* Did last run test hang and system re-booted due to watchdog timeout and
+ boot.state was set to BOOT_NOT_EXPECTED ? If yes, set the test status
+ to SIM ERROR and go to next test. */
+ if (boot.state == BOOT_NOT_EXPECTED)
+ {
+ val_set_status(RESULT_PENDING(VAL_STATUS_ERROR));
+ status = val_nvmem_read(VAL_NVMEM_OFFSET(NV_TEST_ID_CURRENT),
+ &test_id, sizeof(test_id_t));
+ if (VAL_ERROR(status))
+ {
+ val_print(PRINT_ERROR, "\n\tNVMEM read error", 0);
+ }
+ }
+ /* Did last run test hang and system reset due to watchdog timeout but
+ boot.state was set to BOOT_EXPECTED_BUT_FAILED ? If yes, set the test status
+ to FAIL and go to next test. This condition will hit when test was expecting
+ re-boot on perticular scenario but it didn't happen and system re-booted due
+ to other reason. */
+ else if (boot.state == BOOT_EXPECTED_BUT_FAILED)
+ {
+ val_set_status(RESULT_FAIL(VAL_STATUS_BOOT_EXPECTED_BUT_FAILED));
+ status = val_nvmem_read(VAL_NVMEM_OFFSET(NV_TEST_ID_CURRENT),
+ &test_id, sizeof(test_id_t));
+ if (VAL_ERROR(status))
+ {
+ val_print(PRINT_ERROR, "\n\tNVMEM read error", 0);
+ }
+ }
+ else
+ {
+ status = val_test_load(&test_id, test_id_prev);
+
+ if (test_id == VAL_INVALID_TEST_ID || VAL_ERROR(status))
+ {
+ break;
+ }
+
+ status = val_nvmem_write(VAL_NVMEM_OFFSET(NV_TEST_ID_CURRENT),
+ &test_id, sizeof(test_id_t));
+ if (VAL_ERROR(status))
+ {
+ val_print(PRINT_ERROR, "\n\tNVMEM write error", 0);
+ break;
+ }
+
+ if (VAL_GET_COMP_NUM(test_id_prev) != VAL_GET_COMP_NUM(test_id))
+ {
+ val_print(PRINT_ALWAYS, val_get_comp_name(test_id), 0);
+ val_print(PRINT_ALWAYS, "\n******************************************\n", 0);
+ }
+
+ if (boot.state == BOOT_UNKNOWN)
+ {
+ /* Set boot.state to BOOT_NOT_EXPECTED to catch unexpected test hang */
+ status = val_set_boot_flag(BOOT_NOT_EXPECTED);
+ if (VAL_ERROR(status))
+ {
+ break;
+ }
+ }
+ val_execute_test_fn();
+ }
+
+ test_result = val_report_status();
+
+ /* Reset boot.state to UNKNOWN before lunching next test */
+ status = val_set_boot_flag(BOOT_UNKNOWN);
+ if (VAL_ERROR(status))
+ {
+ break;
+ }
+
+ /* Prepare suite summary data structure */
+ status = val_nvmem_read(VAL_NVMEM_OFFSET(NV_TEST_CNT), &test_count, sizeof(test_count_t));
+ if (VAL_ERROR(status))
+ {
+ val_print(PRINT_ERROR, "\n\tNVMEM read error", 0);
+ break;
+ }
+
+ switch (test_result)
+ {
+ case TEST_PASS:
+ test_count.pass_cnt += 1;
+ break;
+ case TEST_FAIL:
+ test_count.fail_cnt += 1;
+ break;
+ case TEST_SKIP:
+ test_count.skip_cnt += 1;
+ break;
+ case TEST_PENDING:
+ test_count.sim_error_cnt += 1;
+ break;
+ }
+
+ status = val_nvmem_write(VAL_NVMEM_OFFSET(NV_TEST_CNT), &test_count, sizeof(test_count_t));
+ if (VAL_ERROR(status))
+ {
+ val_print(PRINT_ERROR, "\n\tNVMEM write error", 0);
+ break;
+ }
+
+ test_id_prev = test_id;
+ status = val_nvmem_write(VAL_NVMEM_OFFSET(NV_TEST_ID_PREVIOUS),
+ &test_id, sizeof(test_id_t));
+ if (VAL_ERROR(status))
+ {
+ val_print(PRINT_ERROR, "\n\tNVMEM write error", 0);
+ break;
+ }
+
+ } while(1);
+
+ status = val_nvmem_read(VAL_NVMEM_OFFSET(NV_TEST_CNT), &test_count, sizeof(test_count_t));
+ if (VAL_ERROR(status))
+ {
+ val_print(PRINT_ERROR, "\n\tNVMEM read error", 0);
+ return;
+ }
+
+ val_print(PRINT_ALWAYS, "\n\n************ REGRESSION SUMMARY **********\n", 0);
+ val_print(PRINT_ALWAYS, "TOTAL TESTS : %d\n", test_count.pass_cnt + test_count.fail_cnt
+ + test_count.skip_cnt + test_count.sim_error_cnt);
+ val_print(PRINT_ALWAYS, "TOTAL PASSED : %d\n", test_count.pass_cnt);
+ val_print(PRINT_ALWAYS, "TOTAL SIM ERROR : %d\n", test_count.sim_error_cnt);
+ val_print(PRINT_ALWAYS, "TOTAL FAILED : %d\n", test_count.fail_cnt);
+ val_print(PRINT_ALWAYS, "TOTAL SKIPPED : %d\n", test_count.skip_cnt);
+ val_print(PRINT_ALWAYS, "\n******************************************\n", 0);
+}
+
+
+
+
+
+
+
diff --git a/psa-ff/val/nspe/val_dispatcher.h b/psa-ff/val/nspe/val_dispatcher.h
new file mode 100644
index 0000000..9adc98f
--- /dev/null
+++ b/psa-ff/val/nspe/val_dispatcher.h
@@ -0,0 +1,70 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _VAL_DISPATCHER_H_
+#define _VAL_DISPATCHER_H_
+
+#include "val.h"
+
+#define ELF_IDENT 16
+#define VAL_INVALID_TEST_ID 0xffffffff
+#define VAL_TEST_START_MARKER 0xfaceface
+#define VAL_TEST_END_MARKER 0xc3c3c3c3
+
+/* typedef's */
+typedef uint32_t elf32_word;
+typedef int32_t elf32_sword;
+typedef uint16_t elf32_half;
+typedef uint32_t elf32_off;
+typedef uint32_t elf32_addr;
+
+typedef struct {
+ unsigned char e_ident[ELF_IDENT]; /* ident bytes */
+ elf32_half e_type; /* file type */
+ elf32_half e_machine; /* target machine */
+ elf32_word e_version; /* file version */
+ elf32_addr e_entry; /* start address */
+ elf32_off e_phoff; /* phdr file offset */
+ elf32_off e_shoff; /* shdr file offset */
+ elf32_word e_flags; /* file flags */
+ elf32_half e_ehsize; /* sizeof ehdr */
+ elf32_half e_phentsize; /* sizeof phdr */
+ elf32_half e_phnum; /* number phdrs */
+ elf32_half e_shentsize; /* sizeof shdr */
+ elf32_half e_shnum; /* number shdrs */
+ elf32_half e_shstrndx; /* shdr string index */
+} elf_header_t;
+
+typedef struct {
+ elf32_word p_type; /* Segment type */
+ elf32_off p_offset; /* Segment file offset */
+ elf32_addr p_vaddr; /* Segment virtual address */
+ elf32_addr p_paddr; /* Segment physical address */
+ elf32_word p_filesz; /* Segment size in file */
+ elf32_word p_memsz; /* Segment size in memory */
+ elf32_word p_flags; /* Segment flags */
+ elf32_word p_align; /* Segment alignment */
+} elf_pheader_t;
+
+typedef struct {
+ uint32_t start_marker;
+ test_id_t test_id;
+ uint32_t elf_size;
+} test_header_t;
+
+void val_dispatcher(test_id_t);
+#endif
diff --git a/psa-ff/val/nspe/val_entry.c b/psa-ff/val/nspe/val_entry.c
new file mode 100644
index 0000000..3f9d119
--- /dev/null
+++ b/psa-ff/val/nspe/val_entry.c
@@ -0,0 +1,63 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_entry.h"
+#include "val_framework.h"
+#include "val_peripherals.h"
+#include "val_dispatcher.h"
+
+/**
+ @brief - PSA C main function, does VAL init and calls test dispatcher
+ @param - None
+ @return - void
+**/
+void val_entry(void)
+{
+ test_id_t test_id;
+
+ if (VAL_ERROR(val_target_init()))
+ {
+ goto exit;
+ }
+
+ if (VAL_ERROR(val_uart_init()))
+ {
+ goto exit;
+ }
+
+ if (VAL_ERROR(val_get_last_run_test_id(&test_id)))
+ {
+ goto exit;
+ }
+
+ /* Compliance header print */
+ if (test_id == VAL_INVALID_TEST_ID)
+ {
+ val_print(PRINT_ALWAYS, "\n***** PSA Compliance Suite - Version %d.", PSA_ACS_MAJOR_VER);
+ val_print(PRINT_ALWAYS, "%d *****\n", PSA_ACS_MINOR_VER);
+ }
+
+ /* Call dispatcher routine*/
+ val_dispatcher(test_id);
+
+exit:
+ val_print(PRINT_ALWAYS, "\n\nEntering standby\n", 0);
+ while(1)
+ {
+ asm volatile("WFI");
+ }
+}
diff --git a/psa-ff/val/nspe/val_entry.h b/psa-ff/val/nspe/val_entry.h
new file mode 100644
index 0000000..0293113
--- /dev/null
+++ b/psa-ff/val/nspe/val_entry.h
@@ -0,0 +1,32 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _VAL_ENTRY_H_
+#define _VAL_ENTRY_H_
+
+#include "val_framework.h"
+
+#define PSA_ACS_MAJOR_VER 0
+#define PSA_ACS_MINOR_VER 5
+
+/**
+ @brief - PSA C main function, does VAL init and calls test dispatcher
+ @param - None
+ @return - void
+**/
+extern void val_entry(void);
+#endif
diff --git a/psa-ff/val/nspe/val_framework.c b/psa-ff/val/nspe/val_framework.c
new file mode 100644
index 0000000..bb50d80
--- /dev/null
+++ b/psa-ff/val/nspe/val_framework.c
@@ -0,0 +1,590 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_framework.h"
+#include "val_interfaces.h"
+#include "val_dispatcher.h"
+#include "val_peripherals.h"
+#include "pal_interfaces_ns.h"
+#include "val_target.h"
+
+extern val_api_t val_api;
+extern psa_api_t psa_api;
+
+/* globals */
+test_status_buffer_t g_status_buffer;
+
+/**
+ * @brief Connect to given sid
+ @param -sid : RoT service id
+ @param -minor_version : minor_version of RoT service
+ @param -handle - return connection handle
+ * @return val_status_t
+ */
+val_status_t val_ipc_connect(uint32_t sid, uint32_t minor_version, psa_handle_t *handle )
+{
+ *handle = psa_connect(sid, minor_version);
+
+ if (*handle < 0)
+ {
+ return VAL_STATUS_CONNECTION_FAILED;
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+/**
+ * @brief Call a connected Root of Trust Service.@n
+ * The caller must provide an array of ::psa_invec_t structures as the input payload.
+ *
+ * @param handle Handle for the connection.
+ * @param in_vec Array of psa_invec structures.
+ * @param in_len Number of psa_invec structures in in_vec.
+ * @param out_vec Array of psa_outvec structures for optional Root of Trust Service response.
+ * @param out_len Number of psa_outvec structures in out_vec.
+ * @return val_status_t
+ */
+val_status_t val_ipc_call(psa_handle_t handle, psa_invec *in_vec, size_t in_len,
+ psa_outvec *out_vec, size_t out_len)
+{
+ psa_status_t call_status = PSA_SUCCESS;
+
+ call_status = psa_call(handle, in_vec, in_len, out_vec, out_len);
+
+ if (call_status != PSA_SUCCESS)
+ {
+ return VAL_STATUS_CALL_FAILED;
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+/**
+ * @brief Close a connection to a Root of Trust Service.
+ * Sends the PSA_IPC_DISCONNECT message to the Root of Trust Service so it can clean up resources.
+ *
+ * @param handle Handle for the connection.
+ * @return void
+ */
+void val_ipc_close(psa_handle_t handle)
+{
+ psa_close(handle);
+}
+/**
+ @brief - This function executes given list of tests from non-secure sequentially
+ This covers non-secure to secure IPC API scenario
+ @param - test_num : Test_num
+ @param - tests_list : list of tests to be executed
+ @param - server_hs : Initiate a server handshake
+ @return - val_status_t
+**/
+val_status_t val_execute_non_secure_tests(uint32_t test_num, client_test_t *tests_list,
+ bool_t server_hs)
+{
+ val_status_t status = VAL_STATUS_SUCCESS;
+ val_status_t test_status = VAL_STATUS_SUCCESS;
+ boot_t boot;
+ psa_handle_t handle;
+ uint32_t i = 1;
+ test_info_t test_info;
+
+ test_info.test_num = test_num;
+
+ status = val_get_boot_flag(&boot.state);
+ if (VAL_ERROR(status))
+ {
+ val_set_status(RESULT_FAIL(status));
+ return status;
+ }
+
+ if (boot.state == BOOT_NOT_EXPECTED || boot.state == BOOT_EXPECTED_CRYPTO)
+ {
+ val_print(PRINT_TEST,"[Info] Executing tests form non-secure\n", 0);
+ while (tests_list[i] != NULL)
+ {
+ if (server_hs == TRUE)
+ {
+ /* Handshake with server tests */
+ test_info.block_num = i;
+ status = val_execute_secure_test_func(&handle, test_info,
+ SERVER_TEST_DISPATCHER_SID);
+ if (VAL_ERROR(status))
+ {
+ val_set_status(RESULT_FAIL(status));
+ val_print(PRINT_ERROR,"[Check%d] START\n", i);
+ return status;
+ }
+ else
+ {
+ val_print(PRINT_DEBUG,"[Check%d] START\n", i);
+ }
+ }
+
+ /* Execute client tests */
+ test_status = tests_list[i](NONSECURE);
+
+ if (server_hs == TRUE)
+ {
+ /* Retrive Server test status */
+ status = val_get_secure_test_result(&handle);
+ }
+
+ status = test_status ? test_status:status;
+ if (VAL_ERROR(status))
+ {
+ val_set_status(RESULT_FAIL(status));
+ val_print(PRINT_ERROR,"[Check%d] FAILED\n", i);
+ return status;
+ }
+ else
+ {
+ val_print(PRINT_DEBUG,"[Check%d] PASSED\n", i);
+ }
+ i++;
+ }
+ }
+ else
+ {
+ /* If we are here means, we are in second run of this test */
+ status = VAL_STATUS_SUCCESS;
+ if (boot.state != BOOT_EXPECTED_S)
+ {
+ val_print(PRINT_DEBUG,"[Check1] PASSED\n", 0);
+ }
+ }
+ return status;
+}
+/**
+ @brief - This function is used to switch to client_partition.c
+ where client tests will be executed to cover secure to secure
+ IPC scenario.
+ @param - test_num : Test_num
+ @return - val_status_t
+**/
+val_status_t val_switch_to_secure_client(uint32_t test_num)
+{
+ val_status_t status = VAL_STATUS_SUCCESS;
+ boot_t boot;
+ psa_handle_t handle;
+ test_info_t test_info;
+
+ test_info.test_num = test_num;
+ test_info.block_num = 1;
+
+ status = val_get_boot_flag(&boot.state);
+ if (VAL_ERROR(status))
+ {
+ goto exit;
+ }
+
+ if (boot.state != BOOT_EXPECTED_S)
+ {
+ status = val_set_boot_flag(BOOT_NOT_EXPECTED);
+ if (VAL_ERROR(status))
+ {
+ goto exit;
+ }
+
+ /* switch to secure client */
+ status = val_execute_secure_test_func(&handle, test_info, CLIENT_TEST_DISPATCHER_SID);
+ if (VAL_ERROR(status))
+ {
+ goto exit;
+ }
+
+ /* Retrive secure client test status */
+ status = val_get_secure_test_result(&handle);
+ if (VAL_ERROR(status))
+ {
+ goto exit;
+ }
+ return status;
+ }
+ else
+ {
+ /* If we are here means, we are in third run of this test */
+ val_print(PRINT_DEBUG,"[Check1] PASSED\n", 0);
+ return VAL_STATUS_SUCCESS;
+ }
+
+exit:
+ val_set_status(RESULT_FAIL(status));
+ return status;
+}
+
+/**
+ @brief - This function is used to handshake between:
+ - nonsecure client fn to server test fn
+ - secure client fn and server test fn
+ - nonsecure client fn to secure client test fn
+ @param - handle : handle returned while connecting given sid
+ @param - test_info : Test_num and block_num to be executed
+ @param - sid : RoT service to be connected. Partition dispatcher sid
+ @return - val_status_t
+**/
+val_status_t val_execute_secure_test_func(psa_handle_t *handle, test_info_t test_info, uint32_t sid)
+{
+ uint32_t test_data;
+ val_status_t status = VAL_STATUS_SUCCESS;
+ psa_status_t status_of_call = PSA_SUCCESS;
+
+ *handle = psa_connect(sid, 0);
+
+ if (*handle < 0)
+ {
+ val_print(PRINT_ERROR, "Could not connect SID. Handle=%x\n", *handle);
+ return VAL_STATUS_CONNECTION_FAILED;
+ }
+
+ test_data = ((uint32_t)(test_info.test_num) |((uint32_t)(test_info.block_num) << BLOCK_NUM_POS)
+ | ((uint32_t)(TEST_EXECUTE_FUNC) << ACTION_POS));
+ psa_invec data[1] = {{&test_data, sizeof(test_data)}};
+
+ status_of_call = psa_call(*handle, data, 1, NULL, 0);
+
+ if (status_of_call != PSA_SUCCESS)
+ {
+ status = VAL_STATUS_CALL_FAILED;
+ val_print(PRINT_ERROR, "Call to dispatch SF failed. Status=%x\n", status_of_call);
+ psa_close(*handle);
+ }
+ return status;
+}
+
+/**
+ @brief - This function is used to retrive the status of previously connected test function
+ using val_execute_secure_test_func
+ @param - handle : handle of server function. Handle of Partition dispatcher sid
+ @return - The status of test functions
+**/
+val_status_t val_get_secure_test_result(psa_handle_t *handle)
+{
+ uint32_t test_data;
+ val_status_t status = VAL_STATUS_SUCCESS;
+ psa_status_t status_of_call = PSA_SUCCESS;
+
+ test_data = (TEST_RETURN_RESULT << ACTION_POS);
+
+ psa_outvec resp = {&status, sizeof(status)};
+ psa_invec data[1] = {{&test_data, sizeof(test_data)}};
+
+ status_of_call = psa_call(*handle, data, 1, &resp, 1);
+ if (status_of_call != PSA_SUCCESS)
+ {
+ status = VAL_STATUS_CALL_FAILED;
+ val_print(PRINT_ERROR, "Call to dispatch SF failed. Status=%x\n", status_of_call);
+ }
+
+ psa_close(*handle);
+ return status;
+}
+
+
+/**
+ @brief - Parses input status for a given test and
+ outputs appropriate information on the console
+ @return - Test state
+**/
+uint32_t val_report_status(void)
+{
+ uint32_t status, state;
+
+ status = val_get_status();
+
+ state = (status >> TEST_STATE_BIT) & TEST_STATE_MASK;
+ status = status & TEST_STATUS_MASK;
+
+ switch (state)
+ {
+ case TEST_START:
+ state = TEST_FAIL;
+ val_print(PRINT_ALWAYS, "TEST RESULT: FAILED (Error Code=0x%x)\n",
+ VAL_STATUS_INIT_FAILED);
+ break;
+
+ case TEST_END:
+ state = TEST_PASS;
+ val_print(PRINT_ALWAYS, "TEST RESULT: PASSED \n", 0);
+ break;
+
+ case TEST_FAIL:
+ val_print(PRINT_ALWAYS, "TEST RESULT: FAILED (Error Code=0x%x) \n", status);
+ break;
+
+ case TEST_SKIP:
+ val_print(PRINT_ALWAYS, "TEST RESULT: SKIPPED (Skip Code=0x%x)\n", status);
+ break;
+
+ case TEST_PENDING:
+ val_print(PRINT_ALWAYS, "TEST RESULT: SIM ERROR (Error Code=0x%x)\n", status);
+ break;
+
+ default:
+ state = TEST_FAIL;
+ val_print(PRINT_ALWAYS, "TEST RESULT: FAILED(Error Code=0x%x)\n", VAL_STATUS_INVALID);
+ break;
+
+ }
+
+ val_print(PRINT_ALWAYS, "\n******************************************\n", 0);
+ return state;
+}
+
+/**
+ @brief - Records the state and status of test
+ @return - val_status_t
+**/
+val_status_t val_set_status(uint32_t status)
+{
+ g_status_buffer.state = ((status >> TEST_STATE_BIT) & TEST_STATE_MASK);
+ g_status_buffer.status = (status & TEST_STATUS_MASK);
+
+ return VAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - Updates the state and status for a given test
+ @return - test status
+**/
+uint32_t val_get_status(void)
+{
+ return ((g_status_buffer.state) << TEST_STATE_BIT) | (g_status_buffer.status);
+}
+
+/*
+ @brief - This function checks if the input status argument is an error.
+ On error, we print the checkpoint value and set the status.
+ @param - checkpoint : Test debug checkpoint
+ - val_status_t : Test status
+ @return - returns the input status back to the program.
+*/
+
+val_status_t val_err_check_set(uint32_t checkpoint, val_status_t status)
+{
+ if (VAL_ERROR(status))
+ {
+ val_print(PRINT_ERROR, "\tCheckpoint %d : ", checkpoint);
+ val_print(PRINT_ERROR, "Error Code=0x%x \n", status);
+ val_set_status(RESULT_FAIL(status));
+ }
+ else
+ {
+ status = val_get_status();
+ if (VAL_ERROR(status))
+ {
+ val_print(PRINT_ERROR, "\tCheckpoint %d : ", checkpoint);
+ val_print(PRINT_ERROR, "Error Code=0x%x \n", status);
+ }
+ else
+ {
+ val_print(PRINT_DEBUG, "\tCheckpoint %d \n", checkpoint);
+ }
+ }
+ return status;
+}
+
+/**
+ @brief This API prints the test number, description and
+ sets the test state to TEST_START on successful execution.
+ @param test_num :unique number identifying this test
+ @param desc :brief description of the test
+ @param test_bitfield :Addition test info such as
+ - test isolation level requirement
+ - Watchdog timeout type
+ @return void
+**/
+
+void val_test_init(uint32_t test_num, char8_t *desc, uint32_t test_bitfield)
+{
+ val_status_t status = VAL_STATUS_SUCCESS;
+ miscellaneous_desc_t *misc_desc;
+
+ /*global init*/
+ g_status_buffer.state = 0;
+ g_status_buffer.status = VAL_STATUS_INVALID;
+
+ val_print(PRINT_ALWAYS, "\nTEST: %d | DESCRIPTION: ", test_num);
+ val_print(PRINT_ALWAYS, desc, 0);
+
+ /* common skip logic */
+ status = val_target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MISCELLANEOUS,
+ MISCELLANEOUS_DUT, 0),
+ (uint8_t **)&misc_desc,
+ (uint32_t *)sizeof(miscellaneous_desc_t));
+ if (VAL_ERROR(status))
+ {
+ return;
+ }
+
+ if (misc_desc->implemented_psa_firmware_isolation_level <
+ GET_TEST_ISOLATION_LEVEL(test_bitfield))
+ {
+ val_set_status(RESULT_SKIP(VAL_STATUS_ISOLATION_LEVEL_NOT_SUPP));
+ val_print(PRINT_ALWAYS, "Skipping test. Required isolation level is not supported\n", 0);
+ return;
+ }
+
+ /* Initialise watchdog */
+ status = val_wd_timer_init(GET_WD_TIMOUT_TYPE(test_bitfield));
+ if (VAL_ERROR(status))
+ {
+ val_print(PRINT_ERROR, "val_wd_timer_init failed Error=0x%x\n", status);
+ return;
+ }
+
+ /* Enable watchdog Timer */
+ status = val_wd_timer_enable();
+ if (VAL_ERROR(status))
+ {
+ val_print(PRINT_ERROR, "val_wd_timer_enable failed Error=0x%x\n", status);
+ return;
+ }
+
+ val_set_status(RESULT_START(VAL_STATUS_SUCCESS));
+ return;
+}
+
+/**
+ @brief This API sets the test state to TEST_END if test is successfuly passed.
+ @param none
+ @return none
+**/
+
+void val_test_exit(void)
+{
+ val_wd_timer_disable();
+
+ /* return if test skipped or failed */
+ if (IS_TEST_SKIP(val_get_status()) || IS_TEST_FAIL(val_get_status()))
+ {
+ return;
+ }
+ val_set_status(RESULT_END(VAL_STATUS_SUCCESS));
+}
+
+/**
+ @brief - This function returns the test ID of the last test that was run
+ @param - test_id address
+ @return - val_status_t
+**/
+val_status_t val_get_last_run_test_id(test_id_t *test_id)
+{
+ val_status_t status;
+ test_count_t test_count;
+ boot_t boot;
+ int i = 0, intermediate_boot = 0;
+ boot_state_t boot_state[] = {BOOT_NOT_EXPECTED, BOOT_EXPECTED_NS,
+ BOOT_EXPECTED_S, BOOT_EXPECTED_BUT_FAILED,
+ BOOT_EXPECTED_CRYPTO};
+
+ status = val_get_boot_flag(&boot.state);
+ if (VAL_ERROR(status))
+ {
+ return status;
+ }
+
+ for (i = 0; i < (sizeof(boot_state)/sizeof(boot_state[0])); i++)
+ {
+ if (boot.state == boot_state[i])
+ {
+ intermediate_boot = 1;
+ break;
+ }
+ }
+
+ if (!intermediate_boot)
+ {
+ /* First boot. Initiliase necessary data structure */
+ status = val_set_boot_flag(BOOT_UNKNOWN);
+ if (VAL_ERROR(status))
+ {
+ return status;
+ }
+
+ *test_id = VAL_INVALID_TEST_ID;
+ status = val_nvmem_write(VAL_NVMEM_OFFSET(NV_TEST_ID_PREVIOUS),
+ test_id, sizeof(test_id_t));
+ if (VAL_ERROR(status))
+ {
+ val_print(PRINT_ALWAYS, "\n\tNVMEM write error", 0);
+ return status;
+ }
+
+ test_count.pass_cnt = 0;
+ test_count.fail_cnt = 0;
+ test_count.skip_cnt = 0;
+ test_count.sim_error_cnt = 0;
+
+ status = val_nvmem_write(VAL_NVMEM_OFFSET(NV_TEST_CNT),
+ &test_count, sizeof(test_count_t));
+ if (VAL_ERROR(status))
+ {
+ val_print(PRINT_ERROR, "\n\tNVMEM write error", 0);
+ return status;
+ }
+ }
+
+ status = val_nvmem_read(VAL_NVMEM_OFFSET(NV_TEST_ID_PREVIOUS), test_id, sizeof(test_id_t));
+ if (VAL_ERROR(status))
+ {
+ val_print(PRINT_ERROR, "\n\tNVMEM read error", 0);
+ }
+
+ val_print(PRINT_INFO, "In val_get_last_run_test_id, test_id=%x\n", *test_id);
+ return status;
+}
+
+/**
+ @brief - This function sets the given boot.state value to corresponding
+ boot NVMEM location
+ @param - state: boot_state_t
+ @return - val_status_t
+**/
+val_status_t val_set_boot_flag(boot_state_t state)
+{
+ boot_t boot;
+ val_status_t status;
+
+ boot.state = state;
+ status = val_nvmem_write(VAL_NVMEM_OFFSET(NV_BOOT), &boot, sizeof(boot_t));
+ if (VAL_ERROR(status))
+ {
+ val_print(PRINT_ERROR, "val_nvmem_write failed. Error=0x%x\n", status);
+ return status;
+ }
+ return status;
+}
+
+/**
+ @brief - This function returns boot.state value available in boot NVMEM location
+ @param - state address
+ @return - val_status_t
+**/
+val_status_t val_get_boot_flag(boot_state_t *state)
+{
+ boot_t boot;
+ val_status_t status;
+
+ status = val_nvmem_read(VAL_NVMEM_OFFSET(NV_BOOT), &boot, sizeof(boot_t));
+ if (VAL_ERROR(status))
+ {
+ val_print(PRINT_ERROR, "val_nvmem_read failed. Error=0x%x\n", status);
+ return status;
+ }
+ *state = boot.state;
+ return status;
+}
diff --git a/psa-ff/val/nspe/val_framework.h b/psa-ff/val/nspe/val_framework.h
new file mode 100644
index 0000000..84e2bd0
--- /dev/null
+++ b/psa-ff/val/nspe/val_framework.h
@@ -0,0 +1,46 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#ifndef _VAL_INFRA_H_
+#define _VAL_INFRA_H_
+
+#include "val.h"
+#include "val_client_defs.h"
+#include "val_interfaces.h"
+
+/* prototypes */
+uint32_t val_report_status(void);
+val_status_t val_set_status(uint32_t status);
+uint32_t val_get_status(void);
+val_status_t val_err_check_set(uint32_t checkpoint, val_status_t status);
+void val_test_init(uint32_t test_num, char8_t *desc, uint32_t test_bitfield);
+void val_test_exit(void);
+val_status_t val_get_last_run_test_id(test_id_t *test_id);
+val_status_t val_execute_non_secure_tests(uint32_t test_num, client_test_t *tests_list,
+ bool_t server_hs);
+val_status_t val_switch_to_secure_client(uint32_t test_num);
+val_status_t val_execute_secure_test_func(psa_handle_t *handle, test_info_t test_info,
+ uint32_t sid);
+val_status_t val_get_secure_test_result(psa_handle_t *handle);
+val_status_t val_ipc_connect(uint32_t sid, uint32_t minor_version, psa_handle_t *handle);
+val_status_t val_ipc_call(psa_handle_t handle, psa_invec *in_vec, size_t in_len,
+ psa_outvec *out_vec, size_t out_len);
+void val_ipc_close(psa_handle_t handle);
+val_status_t val_set_boot_flag(boot_state_t state);
+val_status_t val_get_boot_flag(boot_state_t *state);
+#endif
diff --git a/psa-ff/val/nspe/val_interfaces.c b/psa-ff/val/nspe/val_interfaces.c
new file mode 100644
index 0000000..34b325c
--- /dev/null
+++ b/psa-ff/val/nspe/val_interfaces.c
@@ -0,0 +1,59 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "val_framework.h"
+#include "val_interfaces.h"
+#include "val_peripherals.h"
+#include "val_target.h"
+#include "val_crypto.h"
+
+/*VAL APIs to be used by test */
+const val_api_t val_api = {
+ .print = val_print,
+ .set_status = val_set_status,
+ .get_status = val_get_status,
+ .test_init = val_test_init,
+ .test_exit = val_test_exit,
+ .err_check_set = val_err_check_set,
+ .target_get_config = val_target_get_config,
+ .execute_non_secure_tests = val_execute_non_secure_tests,
+ .switch_to_secure_client = val_switch_to_secure_client,
+ .execute_secure_test_func = val_execute_secure_test_func,
+ .get_secure_test_result = val_get_secure_test_result,
+ .ipc_connect = val_ipc_connect,
+ .ipc_call = val_ipc_call,
+ .ipc_close = val_ipc_close,
+ .nvmem_read = val_nvmem_read,
+ .nvmem_write = val_nvmem_write,
+ .wd_timer_init = val_wd_timer_init,
+ .wd_timer_enable = val_wd_timer_enable,
+ .wd_timer_disable = val_wd_timer_disable,
+ .is_wd_timer_enabled = val_is_wd_timer_enabled,
+ .set_boot_flag = val_set_boot_flag,
+ .get_boot_flag = val_get_boot_flag,
+ .crypto_function = val_crypto_function,
+ .crypto_key_type_is_raw = val_crypto_key_type_is_raw,
+};
+
+const psa_api_t psa_api = {
+ .framework_version = psa_framework_version,
+ .version = psa_version,
+ .connect = psa_connect,
+ .call = psa_call,
+ .close = psa_close,
+};
diff --git a/psa-ff/val/nspe/val_interfaces.h b/psa-ff/val/nspe/val_interfaces.h
new file mode 100644
index 0000000..74362bb
--- /dev/null
+++ b/psa-ff/val/nspe/val_interfaces.h
@@ -0,0 +1,82 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _VAL_INTERFACES_H_
+#define _VAL_INTERFACES_H_
+
+#include "val.h"
+#include "val_client_defs.h"
+
+/* typedef's */
+typedef struct {
+ val_status_t (*print) (print_verbosity_t verbosity,
+ char *string, uint32_t data);
+ val_status_t (*set_status) (uint32_t status);
+ uint32_t (*get_status) (void);
+ void (*test_init) (uint32_t test_num, char8_t *desc,
+ uint32_t test_bitfield);
+ void (*test_exit) (void);
+ val_status_t (*err_check_set) (uint32_t checkpoint, val_status_t status);
+ val_status_t (*target_get_config) (cfg_id_t cfg_id, uint8_t **data, uint32_t *size);
+ val_status_t (*execute_non_secure_tests) (uint32_t test_num, client_test_t *tests_list,
+ bool_t server_hs);
+ val_status_t (*switch_to_secure_client) (uint32_t test_num);
+ val_status_t (*execute_secure_test_func) (psa_handle_t *handle, test_info_t test_info,
+ uint32_t sid);
+ val_status_t (*ipc_connect) (uint32_t sid, uint32_t minor_version,
+ psa_handle_t *handle );
+ val_status_t (*ipc_call) (psa_handle_t handle, psa_invec *in_vec,
+ size_t in_len, psa_outvec *out_vec,
+ size_t out_len);
+ void (*ipc_close) (psa_handle_t handle);
+ val_status_t (*get_secure_test_result) (psa_handle_t *handle);
+ val_status_t (*nvmem_read) (uint32_t offset, void *buffer, int size);
+ val_status_t (*nvmem_write) (uint32_t offset, void *buffer, int size);
+ val_status_t (*wd_timer_init) (wd_timeout_type_t timeout_type);
+ val_status_t (*wd_timer_enable) (void);
+ val_status_t (*wd_timer_disable) (void);
+ val_status_t (*is_wd_timer_enabled) (void);
+ val_status_t (*set_boot_flag) (boot_state_t state);
+ val_status_t (*get_boot_flag) (boot_state_t *state);
+ val_status_t (*crypto_function) (int type, ...);
+ int32_t (*crypto_key_type_is_raw) (uint32_t type);
+} val_api_t;
+
+typedef struct {
+ uint32_t (*framework_version) (void);
+ uint32_t (*version) (uint32_t sid);
+ psa_handle_t (*connect) (uint32_t sid, uint32_t minor_version);
+ psa_status_t (*call) (psa_handle_t handle,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len
+ );
+ psa_status_t (*close) (psa_handle_t handle);
+} psa_api_t;
+
+typedef void (*test_fptr_t)(val_api_t *val, psa_api_t *psa);
+
+typedef struct {
+ test_id_t test_id;
+ test_fptr_t entry_addr;
+} val_test_info_t;
+
+void test_entry(val_api_t *val, psa_api_t *psa);
+void test_payload(val_api_t *val, psa_api_t *psa);
+
+#endif
diff --git a/psa-ff/val/nspe/val_peripherals.c b/psa-ff/val/nspe/val_peripherals.c
new file mode 100644
index 0000000..3ffbe57
--- /dev/null
+++ b/psa-ff/val/nspe/val_peripherals.c
@@ -0,0 +1,395 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_peripherals.h"
+#include "val_target.h"
+#include "pal_interfaces_ns.h"
+#include "val_framework.h"
+#include "val_client_defs.h"
+
+/* Global */
+uint32_t is_uart_init_done = 0;
+
+/**
+ @brief - This API will read the necessary target config info
+ and pass it to driver partition to initialise the driver partition
+ global variables
+ @param - void
+ @return - error status
+**/
+val_status_t val_target_init(void)
+{
+ target_param_t target_param;
+ val_status_t status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+ soc_peripheral_desc_t *uart_desc;
+ soc_peripheral_desc_t *soc_per_desc;
+ memory_desc_t *memory_desc;
+
+ status = val_target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_SOC_PERIPHERAL,
+ SOC_PERIPHERAL_UART, 0),
+ (uint8_t **)&uart_desc,
+ (uint32_t *)sizeof(soc_peripheral_desc_t));
+ if (VAL_ERROR(status))
+ {
+ return status;
+ }
+
+ target_param.uart_base_addr = uart_desc->base;
+
+ status = val_target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_SOC_PERIPHERAL,
+ SOC_PERIPHERAL_WATCHDOG, 0),
+ (uint8_t **)&soc_per_desc,
+ (uint32_t *)sizeof(soc_peripheral_desc_t));
+ if (VAL_ERROR(status))
+ {
+ return status;
+ }
+ target_param.wd_base_addr = soc_per_desc->base;
+ target_param.wd_time_us_low = soc_per_desc->timeout_in_micro_sec_low;
+ target_param.wd_time_us_medium = soc_per_desc->timeout_in_micro_sec_medium;
+ target_param.wd_time_us_high = soc_per_desc->timeout_in_micro_sec_high;
+ target_param.wd_timer_tick_us = soc_per_desc->num_of_tick_per_micro_sec;
+
+ status = val_target_get_config(TARGET_CONFIG_CREATE_ID(GROUP_MEMORY, MEMORY_NVMEM, 0),
+ (uint8_t **)&memory_desc,
+ (uint32_t *)sizeof(memory_desc_t));
+
+ target_param.nvmem_base_addr = memory_desc->start;
+
+ if (VAL_ERROR(status))
+ {
+ return status;
+ }
+
+ psa_invec invec[1] = {{&target_param, sizeof(target_param)}};
+ handle = psa_connect(DRIVER_TARGET_INIT_SID, 0);
+ if (handle < 0)
+ {
+ return VAL_STATUS_CONNECTION_FAILED;
+ }
+ else
+ {
+ status_of_call = psa_call(handle, invec, 1, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ {
+ psa_close(handle);
+ return VAL_STATUS_CALL_FAILED;
+ }
+ }
+ psa_close(handle);
+ return VAL_STATUS_SUCCESS;
+}
+
+/*
+ @brief - Initialize UART.
+ This is client interface API of secure partition UART INIT API.
+ @param - None
+ @return - val_status_t
+*/
+val_status_t val_uart_init(void)
+{
+ psa_handle_t print_handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+ uint32_t uart_init_sign = UART_INIT_SIGN;
+ uint32_t verbosity = VERBOSE;
+
+ psa_invec data[3] = {{&uart_init_sign, sizeof(uart_init_sign)},
+ {&verbosity, sizeof(verbosity)}};
+
+ print_handle = psa_connect(DRIVER_UART_SID, 0);
+ if (print_handle < 0)
+ {
+ return(VAL_STATUS_CONNECTION_FAILED);
+ }
+
+ status_of_call = psa_call(print_handle, data, 3, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ {
+ return(VAL_STATUS_CALL_FAILED);
+ }
+
+ is_uart_init_done = 1;
+ psa_close(print_handle);
+ return VAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - Print module. This is client interface API of secure partition
+ val_print_sf API for nspe world
+ @param - verbosity: Print verbosity level
+ - string : Input string
+ - data : Value for format specifier
+ @return - val_status_t
+**/
+val_status_t val_print(print_verbosity_t verbosity, char *string, uint32_t data)
+{
+ int string_len = 0;
+ char *p = string;
+ psa_handle_t print_handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+ val_status_t status = VAL_STATUS_SUCCESS;
+
+ if ((is_uart_init_done == 0) || (verbosity < VERBOSE))
+ {
+ return 0;
+ }
+ while (*p != '\0')
+ {
+ string_len++;
+ p++;
+ }
+
+ psa_invec data1[3] = {{&verbosity, 4}, {string, string_len+1}, {&data, 4}};
+ print_handle = psa_connect(DRIVER_UART_SID, 0);
+
+ if (print_handle < 0)
+ {
+ return VAL_STATUS_CONNECTION_FAILED;
+ }
+ else
+ {
+ status_of_call = psa_call(print_handle, data1, 3, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ {
+ status = VAL_STATUS_CALL_FAILED;
+ }
+ }
+ psa_close(print_handle);
+ return status;
+}
+
+/**
+ @brief - This API will read from slave address via SPI
+ @param - addr : Slave address
+ data : value read from Slave address
+ len : length of data to be read in bytes
+ @return - error status
+**/
+val_status_t val_spi_read(addr_t addr, uint8_t *data, uint32_t len)
+{
+ return pal_spi_read(addr, data, len);
+}
+
+/* Watchdog APIs */
+/**
+ @brief - Initializes the WatchDog Timer instance. This is client interface API of
+ secure partition val_wd_timer_init_sf API for nspe world.
+ @param timeout: watchdog timeout value to be programmed
+ Defines to be used are WD_LOW_TIMEOUT, WD_MEDIUM_TIMEOUT and WD_HIGH_TIMEOUT
+ @return - error status
+**/
+val_status_t val_wd_timer_init(wd_timeout_type_t timeout_type)
+{
+ wd_param_t wd_param;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+
+ wd_param.wd_fn_type = WD_INIT_SEQ;
+ wd_param.wd_timeout_type = timeout_type;
+ psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
+
+ handle = psa_connect(DRIVER_WATCHDOG_SID, 0);
+ if (handle < 0)
+ {
+ return VAL_STATUS_CONNECTION_FAILED;
+ }
+ else
+ {
+ status_of_call = psa_call(handle, invec, 1, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ {
+ psa_close(handle);
+ return VAL_STATUS_CALL_FAILED;
+ }
+ }
+ psa_close(handle);
+ return VAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - Enable WatchDog Timer instance. This is client interface API of
+ secure partition val_wd_timer_enable_sf API for nspe world.
+ @return - error status
+**/
+val_status_t val_wd_timer_enable(void)
+{
+ wd_param_t wd_param;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+
+ wd_param.wd_fn_type = WD_ENABLE_SEQ;
+ psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
+
+ handle = psa_connect(DRIVER_WATCHDOG_SID, 0);
+ if (handle < 0)
+ {
+ return VAL_STATUS_CONNECTION_FAILED;
+ }else
+ {
+ status_of_call = psa_call(handle, invec, 1, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ {
+ psa_close(handle);
+ return VAL_STATUS_CALL_FAILED;
+ }
+ }
+ psa_close(handle);
+ return VAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - Disable Watch Dog Timer instance. This is client interface API of
+ secure partition val_wd_timer_disable_sf API for nspe world.
+ @return - error status
+**/
+val_status_t val_wd_timer_disable(void)
+{
+ wd_param_t wd_param;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+
+ wd_param.wd_fn_type = WD_DISABLE_SEQ;
+ psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
+
+ handle = psa_connect(DRIVER_WATCHDOG_SID, 0);
+ if (handle < 0)
+ {
+ return VAL_STATUS_CONNECTION_FAILED;
+ }
+ else
+ {
+ status_of_call = psa_call(handle, invec, 1, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ {
+ psa_close(handle);
+ return VAL_STATUS_CALL_FAILED;
+ }
+ }
+ psa_close(handle);
+ return VAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - Checks if watchdog enabled. This is client interface API of
+ secure partition val_is_wd_timer_enabled_sf API for nspe world.
+ @return - error status
+**/
+val_status_t val_is_wd_timer_enabled(void)
+{
+ wd_param_t wd_param;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+
+ wd_param.wd_fn_type = WD_STATUS_SEQ;
+ psa_invec invec[1] = {{&wd_param, sizeof(wd_param)}};
+
+ handle = psa_connect(DRIVER_WATCHDOG_SID, 0);
+ if (handle < 0)
+ {
+ return VAL_STATUS_CONNECTION_FAILED;
+ }
+ else
+ {
+ status_of_call = psa_call(handle, invec, 1, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ {
+ psa_close(handle);
+ return VAL_STATUS_CALL_FAILED;
+ }
+ }
+ psa_close(handle);
+ return VAL_STATUS_SUCCESS;
+}
+
+/*
+ @brief - Reads 'size' bytes from Non-volatile memory at a given. This is client interface
+ API of secure partition val_nvmem_read_sf API for nspe world.
+ 'base + offset' into given buffer.
+ - offset : Offset from NV MEM base address
+ - buffer : Pointer to source address
+ - size : Number of bytes
+ @return - val_status_t
+*/
+val_status_t val_nvmem_read(uint32_t offset, void *buffer, int size)
+{
+ nvmem_param_t nvmem_param;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+
+ nvmem_param.nvmem_fn_type = NVMEM_READ;
+ nvmem_param.offset = offset;
+ nvmem_param.size = size;
+ psa_invec invec[1] = {{&nvmem_param, sizeof(nvmem_param)}};
+ psa_outvec outvec[1] = {{buffer, size}};
+
+ handle = psa_connect(DRIVER_NVMEM_SID, 0);
+ if (handle < 0)
+ {
+ return VAL_STATUS_CONNECTION_FAILED;
+ }
+ else
+ {
+ status_of_call = psa_call(handle, invec, 1, outvec, 1);
+ if (status_of_call != PSA_SUCCESS)
+ {
+ psa_close(handle);
+ return VAL_STATUS_CALL_FAILED;
+ }
+ }
+ psa_close(handle);
+ return VAL_STATUS_SUCCESS;
+}
+
+/*
+ @brief - Writes 'size' bytes from buffer into non-volatile memory at a given
+ 'base + offset'. This is client interface API of secure partition
+ val_nvmem_write_sf API for nspe world.
+ - offset : Offset
+ - buffer : Pointer to source address
+ - size : Number of bytes
+ @return - val_status_t
+*/
+val_status_t val_nvmem_write(uint32_t offset, void *buffer, int size)
+{
+ nvmem_param_t nvmem_param;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+
+ nvmem_param.nvmem_fn_type = NVMEM_WRITE;
+ nvmem_param.offset = offset;
+ nvmem_param.size = size;
+ psa_invec invec[2] = {{&nvmem_param, sizeof(nvmem_param)}, {buffer, size}};
+
+ handle = psa_connect(DRIVER_NVMEM_SID, 0);
+ if (handle < 0)
+ {
+ return VAL_STATUS_CONNECTION_FAILED;
+ }
+ else
+ {
+ status_of_call = psa_call(handle, invec, 2, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ {
+ psa_close(handle);
+ return VAL_STATUS_CALL_FAILED;
+ }
+ }
+ psa_close(handle);
+ return VAL_STATUS_SUCCESS;
+}
diff --git a/psa-ff/val/nspe/val_peripherals.h b/psa-ff/val/nspe/val_peripherals.h
new file mode 100644
index 0000000..f3db9f6
--- /dev/null
+++ b/psa-ff/val/nspe/val_peripherals.h
@@ -0,0 +1,33 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _VAL_PERIPHERALS_H_
+#define _VAL_PERIPHERALS_H_
+
+#include "val.h"
+
+val_status_t val_uart_init(void);
+val_status_t val_print(print_verbosity_t verbosity, char *string, uint32_t data);
+val_status_t val_spi_read(addr_t addr, uint8_t *data, uint32_t len);
+val_status_t val_target_init(void);
+val_status_t val_nvmem_read(uint32_t offset, void *buffer, int size);
+val_status_t val_nvmem_write(uint32_t offset, void *buffer, int size);
+val_status_t val_wd_timer_init(wd_timeout_type_t timeout_type);
+val_status_t val_wd_timer_enable(void);
+val_status_t val_wd_timer_disable(void);
+val_status_t val_is_wd_timer_enabled(void);
+#endif
diff --git a/psa-ff/val/nspe/val_target.c b/psa-ff/val/nspe/val_target.c
new file mode 100644
index 0000000..fe69759
--- /dev/null
+++ b/psa-ff/val/nspe/val_target.c
@@ -0,0 +1,146 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#include "val_framework.h"
+#include "val_target.h"
+#include "val_peripherals.h"
+#include "pal_interfaces_ns.h"
+
+/**
+ @brief - Returns the base address of target configuration block database.
+ @param - blob : Populates the base address
+ @return - val_status_t
+**/
+val_status_t val_target_cfg_get_next(void **blob)
+{
+ val_status_t status = VAL_STATUS_SUCCESS;
+ target_cfg_hdr_t *hdr;
+ uint32_t size;
+
+ if (*blob == NULL)
+ {
+ *blob = pal_target_get_cfg_start();
+ if (blob == NULL)
+ {
+ return VAL_STATUS_NOT_FOUND;
+ }
+ hdr = *blob;
+
+ /* Sanity check signature and version here */
+ if ((hdr->version != 1) || (hdr->size == 0))
+ {
+ val_print(PRINT_ERROR, "Target config database Error. \n", 0);
+ return status;
+ }
+ hdr++;
+ *blob = hdr; // skip the header. start with the first record.
+ return status;
+ }
+
+ size = (((cfg_type_t *)*blob)->size) & 0xFFFFFF;
+ if (size)
+ {
+ *blob = (void *)((uint8_t *)*blob + size);
+ return VAL_STATUS_SUCCESS;
+ }
+ return VAL_STATUS_ERROR;
+}
+
+/**
+ @brief - This function checks for the given configuration ID with the block in
+ target configuration database.
+ @param - cfg_id : Configuration ID of a block
+ - data : Returns block base address
+ - size : Block size
+ @return - val_status_t
+**/
+val_status_t val_target_get_cfg_blob(cfg_id_t cfg_id, uint8_t **data, uint32_t *size)
+{
+ val_status_t status;
+ void *config_blob = NULL;
+
+ val_print(PRINT_INFO, "Input id is %x \n", cfg_id);
+ do
+ {
+
+ status = val_target_cfg_get_next(&config_blob);
+
+ if (VAL_ERROR(status))
+ {
+ break;
+ }
+
+ if (((cfg_type_t *)config_blob)->cfg_id == cfg_id)
+ {
+ *data = (uint8_t *)config_blob;
+ status = VAL_STATUS_SUCCESS;
+ break;
+ }
+ else if (((((cfg_type_t *)config_blob)->cfg_id & VAL_TEST_MAJOR_GROUP_MASK) == \
+ (cfg_id & VAL_TEST_MAJOR_GROUP_MASK)) && \
+ !(((cfg_type_t *)config_blob)->cfg_id & \
+ (VAL_TEST_MINOR_GROUP_MASK | VAL_TEST_CFG_INSTANCE_MASK)))
+ {
+ config_blob = (void *)((uint8_t *)config_blob + sizeof(memory_hdr_t));
+ if (((cfg_type_t *)config_blob)->cfg_id == cfg_id)
+ {
+ *data = (uint8_t *)config_blob;
+ status = VAL_STATUS_SUCCESS;
+ break;
+ }
+ }
+ else if (((cfg_type_t *)config_blob)->cfg_id == VAL_TEST_INVALID_CFG_ID)
+ {
+ status = VAL_STATUS_NOT_FOUND;
+ break;
+ }
+ } while(1);
+
+ return status;
+}
+
+/**
+
+ @brief - This function returns the data associated with a given
+ config ID.
+ @param - size - if the input size is less than the data size to
+ returned, the size is updated with the actual data size and
+ error is returned.
+ @return - data contains the information of type specific to a
+ config id.
+**/
+val_status_t val_target_get_config(cfg_id_t cfg_id, uint8_t **data, uint32_t *size)
+{
+ val_status_t status;
+
+ if ((cfg_id < TARGET_MIN_CFG_ID) || (cfg_id > TARGET_MAX_CFG_ID))
+ {
+ val_print(PRINT_ERROR, "Invalid Target data config ID = %x \n", cfg_id);
+ return VAL_STATUS_INSUFFICIENT_SIZE;
+ }
+
+ status = val_target_get_cfg_blob(cfg_id, data, size);
+
+ if (VAL_ERROR(status))
+ {
+ val_print(PRINT_ERROR, "\n Get Config failed with status = %x", status);
+ val_print(PRINT_ERROR, " for cfg_id = %x", cfg_id);
+ return status;
+ }
+ return VAL_STATUS_SUCCESS;
+}
+
diff --git a/psa-ff/val/nspe/val_target.h b/psa-ff/val/nspe/val_target.h
new file mode 100644
index 0000000..50a7e3f
--- /dev/null
+++ b/psa-ff/val/nspe/val_target.h
@@ -0,0 +1,198 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _TARGET_INFO_DATA_H_
+#define _TARGET_INFO_DATA_H_
+
+#include "val.h"
+
+#define TARGET_CONFIG_CREATE_ID(major, minor, index) \
+ (((major & 0xFF) << 24) | ((minor & 0xFF) << 16) | (index & 0xFFFF))
+#define TARGET_CONFIG_GET_MAJOR(config_id) ((config_id >> 24) & 0xFF)
+#define TARGET_CONFIG_GET_MINOR(config_id) ((config_id >> 16) & 0xFF)
+#define TARGET_CONFIG_INCREMENT_INDEX(config_id) \
+ ((config_id & 0xFFFF0000) | ((config_id & 0xFFFF) + 1))
+#define GET_NUM_INSTANCE(struct_type) (struct_type->cfg_type.size >> 24)
+#define VAL_TEST_MAJOR_GROUP_MASK 0xFF000000UL
+#define VAL_TEST_MINOR_GROUP_MASK 0x00FF0000UL
+#define VAL_TEST_CFG_INSTANCE_MASK 0x0000FFFFUL
+#define VAL_TEST_INVALID_CFG_ID 0xFFFFFFFFUL
+#define TARGET_MIN_CFG_ID TARGET_CONFIG_CREATE_ID(GROUP_SOC_PERIPHERAL, 0, 0)
+#define TARGET_MAX_CFG_ID TARGET_CONFIG_CREATE_ID(GROUP_MAX, 0, 0)
+
+/**
+ Config IDs for each group/component
+ 31:24 : MAJOR (group)
+ 23:16 : MINOR (component)
+ 16:8 : SUB-component
+ 7:0 : INSTANCE (instance of same component)
+**/
+
+/*
+ MAJOR IDs
+*/
+typedef enum _GROUP_CONFIG_ID_ {
+ GROUP_SOC_PERIPHERAL = 0x1,
+ GROUP_MEMORY = 0x2,
+ GROUP_MISCELLANEOUS = 0x3,
+ GROUP_MAX = 0xFF,
+} group_cfg_id_t;
+
+/*
+ MINOR IDs
+ */
+typedef enum _SOC_PERIPHERAL_CONFIG_ID_ {
+ SOC_PERIPHERAL_UART = 0x1,
+ SOC_PERIPHERAL_TIMER = 0x2,
+ SOC_PERIPHERAL_WATCHDOG = 0x3,
+} soc_peripheral_cfg_id_t;
+
+typedef enum _MEMORY_CONFIG_ID_ {
+ MEMORY_NVMEM = 0x2
+} memory_cfg_id_t;
+
+typedef enum _MISCELLANEOUS_CONFIG_ID_ {
+ MISCELLANEOUS_BOOT = 0x1,
+ MISCELLANEOUS_DUT = 0x2
+} miscellaneous_cfg_id_t;
+
+/**
+ Assign group type to each system component
+**/
+typedef enum _COMPONENT_GROUPING_{
+ UART = GROUP_SOC_PERIPHERAL,
+ TIMER = GROUP_SOC_PERIPHERAL,
+ WATCHDOG = GROUP_SOC_PERIPHERAL,
+ NVMEM = GROUP_MEMORY,
+ BOOT = GROUP_MISCELLANEOUS,
+ DUT = GROUP_MISCELLANEOUS,
+} comp_group_assign_t;
+
+/**
+ Target Configuration Header
+**/
+typedef struct _TARGET_CFG_HDR_ {
+ /* PSA_CFG */
+ uint32_t signature[2];
+ /* 8 byte String describing the Target platform */
+ uint32_t target_string[2];
+ /* version = 1 for now */
+ uint32_t version;
+ /* Header Size */
+ uint32_t size;
+}target_cfg_hdr_t;
+
+typedef enum {
+ LEVEL1 = 0x1,
+ LEVEL2,
+ LEVEL3,
+} firmware_level_t;
+
+typedef enum {
+ NOT_AVAILABLE = 0x0,
+ AVAILABLE = 0x1,
+} is_available_t;
+
+typedef enum {
+ SECURE_ACCESS = 0x100,
+ NONSECURE_ACCESS,
+ SECURE_PROGRAMMABLE,
+ NONSECURE_PROGRAMMABLE
+} dev_attr_t;
+
+typedef enum {
+ MEM_SECURE = 0x100,
+ MEM_NONSECURE,
+ MEM_NSC,
+} mem_tgt_attr_t;
+
+typedef enum {
+ TYPE_READ_ONLY = 0x10,
+ TYPE_WRITE_ONLY,
+ TYPE_READ_WRITE,
+ TYPE_EXECUTE,
+ TYPE_RESERVED,
+} perm_type_t;
+
+typedef struct _CFG_HDR_TYPE_ {
+ cfg_id_t cfg_id;
+ /* size inclusive of this header */
+ uint32_t size;
+} cfg_type_t;
+
+/**
+ Memory Information
+**/
+typedef struct _MEM_INFO_DESC_ {
+ cfg_type_t cfg_type;
+ uint32_t num;
+} memory_hdr_t;
+
+typedef struct _MEM_REGION_ {
+ cfg_type_t cfg_type;
+ addr_t start;
+ addr_t end;
+ mem_tgt_attr_t attribute;
+ perm_type_t permission;
+} memory_desc_t;
+
+/*
+ SOC Peripheral description structures
+*/
+typedef struct _SOC_PER_INFO_NUM_ {
+ cfg_type_t cfg_type;
+ uint32_t num;
+} soc_peripheral_hdr_t;
+
+typedef struct _SOC_PER_INFO_DESC_ {
+ cfg_type_t cfg_type;
+ uint32_t vendor_id;
+ uint32_t device_id;
+ addr_t base;
+ uint32_t size;
+ uint32_t intr_id;
+ perm_type_t permission;
+ uint32_t timeout_in_micro_sec_low;
+ uint32_t timeout_in_micro_sec_medium;
+ uint32_t timeout_in_micro_sec_high;
+ uint32_t num_of_tick_per_micro_sec;
+ dev_attr_t attribute;
+} soc_peripheral_desc_t;
+
+/**
+ System Miscellaneous Information
+**/
+
+typedef struct _MISCELLANEOUS_INFO_HDR_ {
+ cfg_type_t cfg_type;
+ uint32_t num;
+} miscellaneous_hdr_t;
+
+typedef struct _MISCELLANEOUS_INFO_DESC_ {
+ cfg_type_t cfg_type;
+ firmware_level_t implemented_psa_firmware_isolation_level;
+ addr_t ns_start_addr_of_combine_test_binary;
+ is_available_t combine_test_binary_in_ram;
+ addr_t ns_test_addr;
+} miscellaneous_desc_t;
+
+/*val target config read apis */
+val_status_t val_target_get_config(cfg_id_t cfg_id, uint8_t **data, uint32_t *size);
+val_status_t val_target_cfg_get_next(void **blob);
+val_status_t val_target_get_cfg_blob(cfg_id_t cfg_id, uint8_t **data, uint32_t *size);
+val_status_t val_target_get_config(cfg_id_t cfg_id, uint8_t **data, uint32_t *size);
+#endif
diff --git a/psa-ff/val/spe/pal_interfaces_s.h b/psa-ff/val/spe/pal_interfaces_s.h
new file mode 100644
index 0000000..a9edd70
--- /dev/null
+++ b/psa-ff/val/spe/pal_interfaces_s.h
@@ -0,0 +1,93 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _VAL_PAL_INTERFACE_APIS_H_
+#define _VAL_PAL_INTERFACE_APIS_H_
+
+
+#include "val/common/val.h"
+
+/* Peripherals APIs */
+
+/*
+ @brief - This function initializes the uart
+ @param - uart_base_addr : Base address of the UART
+ @return -
+*/
+void pal_uart_init(addr_t uart_base_addr);
+
+/*
+ @brief - This function parses the input string and writes byte by byte to print
+ the input string
+ @param - str : Input String
+ - data : Value for Format specifier
+ @return - void
+ */
+void pal_print(char *str, uint32_t data);
+
+/**
+ @brief - Initializes an hardware watchdog timer
+ @param - base_addr : Base address of the watchdog module
+ - time_us : Time in micro seconds
+ - timer_tick_us : Number of ticks per micro second
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_init(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us);
+
+/**
+ @brief - Enables a hardware watchdog timer
+ @param - base_addr : Base address of the watchdog module
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_enable(addr_t base_addr);
+
+/**
+ @brief - Disables a hardware watchdog timer
+ @param - base_addr : Base address of the watchdog module
+ @return - SUCCESS/FAILURE
+**/
+int pal_wd_timer_disable(addr_t base_addr);
+
+
+/**
+ @brief - Checks whether hardware watchdog timer is enabled
+ @param - base_addr : Base address of the watchdog module
+ @return - Enabled : 1, Disabled : 0
+**/
+int pal_wd_timer_is_enabled(addr_t base_addr);
+
+/*
+ @brief - Writes 'size' bytes from buffer into non-volatile memory at a given 'base + offset'
+ @param - base : Base address of NV MEM
+ - offset : Offset
+ - buffer : Pointer to source address
+ - size : Number of bytes
+ @return - error status 0:SUCCESS, 1:FAIL
+*/
+int pal_nvmem_write(addr_t base, uint32_t offset, void *buffer, int size);
+
+/*
+ @brief - Reads 'size' bytes from non-volatile memory at a given
+ 'base + offset' into given buffer
+ @param - base : Base address of NV MEM
+ - offset : Offset
+ - buffer : Pointer to source address
+ - size : Number of bytes
+ @return - error status 0:SUCCESS, 1:FAIL
+*/
+int pal_nvmem_read(addr_t base, uint32_t offset, void *buffer, int size);
+#endif
diff --git a/psa-ff/val/spe/val_driver_service_apis.c b/psa-ff/val/spe/val_driver_service_apis.c
new file mode 100644
index 0000000..ba56f3d
--- /dev/null
+++ b/psa-ff/val/spe/val_driver_service_apis.c
@@ -0,0 +1,142 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+
+#include "val_driver_service_apis.h"
+
+print_verbosity_t g_print_level = PRINT_INFO;
+
+/* UART APIs */
+/*
+ @brief - Initialise the UART
+ @param - uart_base_addr: address of the uart base
+ @param - print_level: g_print_level verbosity
+ @return - val_status_t
+*/
+val_status_t val_uart_init_sf(addr_t uart_base_addr, print_verbosity_t print_level)
+{
+ val_status_t status;
+
+ g_print_level = print_level;
+ status = VAL_STATUS_SUCCESS;
+ pal_uart_init(uart_base_addr);
+ return status;
+}
+/*
+ @brief - This function parses the input string and writes byte by byte to
+ print the input string
+ @param - pointer : Input String
+ - data : Value for Format specifier
+ @return - error status
+ */
+val_status_t val_print_sf(print_verbosity_t verbosity, char *string, uint32_t data)
+{
+ if (verbosity >= g_print_level)
+ {
+ pal_print(string, data);
+ }
+ return VAL_STATUS_SUCCESS;
+}
+
+/* Watchdog APIs */
+/**
+ @brief - Initializes the WatchDog Timer instance
+ @param - base address of the given timer instance
+ - time_us : Time in micro seconds
+ - timer_tick_us : Number of ticks per micro second
+ @return - error status
+**/
+val_status_t val_wd_timer_init_sf(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us)
+{
+ return pal_wd_timer_init(base_addr, time_us, timer_tick_us);
+}
+
+/**
+ @brief - Enable WatchDog Timer instance
+ @param - base address of the given timer instance
+ @return - error status
+**/
+val_status_t val_wd_timer_enable_sf(addr_t base_addr)
+{
+ return pal_wd_timer_enable(base_addr);
+}
+
+/**
+ @brief - Disable Watch Dog Timer instance
+ @param - base address of the given timer instance
+ @return - error status
+**/
+val_status_t val_wd_timer_disable_sf(addr_t base_addr)
+{
+ return pal_wd_timer_disable(base_addr);
+}
+
+/**
+ @brief - Checks if watchdog enabled
+ @param - base address of the given timer instance
+ @return - error status
+**/
+val_status_t val_is_wd_timer_enabled_sf(addr_t base_addr)
+{
+ if (pal_wd_timer_is_enabled(base_addr))
+ {
+ return VAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return VAL_STATUS_ERROR;
+ }
+}
+
+/*
+ @brief - Reads 'size' bytes from Non-volatile memory at a given 'base + offset'
+ into given buffer.
+ - offset : Offset from NV MEM base address
+ - buffer : Pointer to source address
+ - size : Number of bytes
+ @return - val_status_t
+*/
+val_status_t val_nvmem_read_sf(addr_t base, uint32_t offset, void *buffer, int size)
+{
+ if (pal_nvmem_read(base, offset, buffer, size))
+ {
+ return VAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return VAL_STATUS_ERROR;
+ }
+}
+
+/*
+ @brief - Writes 'size' bytes from buffer into non-volatile memory at a given 'base + offset'
+ - offset : Offset
+ - buffer : Pointer to source address
+ - size : Number of bytes
+ @return - val_status_t
+*/
+val_status_t val_nvmem_write_sf(addr_t base, uint32_t offset, void *buffer, int size)
+{
+ if (pal_nvmem_write(base, offset, buffer, size))
+ {
+ return VAL_STATUS_SUCCESS;
+ }
+ else
+ {
+ return VAL_STATUS_ERROR;
+ }
+}
diff --git a/psa-ff/val/spe/val_driver_service_apis.h b/psa-ff/val/spe/val_driver_service_apis.h
new file mode 100644
index 0000000..066a859
--- /dev/null
+++ b/psa-ff/val/spe/val_driver_service_apis.h
@@ -0,0 +1,41 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _VAL_DRIVER_PARTITION_APIS_H_
+#define _VAL_DRIVER_PARTITION_APIS_H_
+
+#include "val/common/val.h"
+#include "val/common/val_client_defs.h"
+#include "val_service_defs.h"
+#include "pal_interfaces_s.h"
+
+/* <manifestfilename.h> Manifest definitions. Only accessible to Secure Partition.
+ * The file name is based on the name of the Secure Partitions manifest file.
+ * The name must not collide with other header files.
+ * Compliance tests expect the below manifest output files implementation from build tool.
+ */
+#include "driver_partition_psa.h"
+
+val_status_t val_uart_init_sf(addr_t uart_base_addr, print_verbosity_t print_level);
+val_status_t val_print_sf(print_verbosity_t verbosity, char *string, uint32_t data);
+val_status_t val_wd_timer_init_sf(addr_t base_addr, uint32_t time_us, uint32_t timer_tick_us);
+val_status_t val_wd_timer_enable_sf(addr_t base_addr);
+val_status_t val_wd_timer_disable_sf(addr_t base_addr);
+val_status_t val_is_wd_timer_enabled_sf(addr_t base_addr);
+val_status_t val_nvmem_read_sf(addr_t base, uint32_t offset, void *buffer, int size);
+val_status_t val_nvmem_write_sf(addr_t base, uint32_t offset, void *buffer, int size);
+#endif
diff --git a/psa-ff/val/spe/val_partition_common.h b/psa-ff/val/spe/val_partition_common.h
new file mode 100644
index 0000000..25a32c9
--- /dev/null
+++ b/psa-ff/val/spe/val_partition_common.h
@@ -0,0 +1,496 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+/* Note- This file contains the functions and variables definition which are common to
+ all partitions defined by acs. These functions and variables are declared with static
+ keyword because some fully isolated system may not allow to share code and data segment
+ between partitions and static will help each partition to have its own copy of code and data.
+ Moreover it can prevents symbol names conflict if these functions are separately compiled and
+ linked with each of partitions in fully isolated environment.
+*/
+
+#ifndef _VAL_COMMON_SP_APIS_H_
+#define _VAL_COMMON_SP_APIS_H_
+
+#include "val/common/val.h"
+#include "val_service_defs.h"
+
+/* <manifestfilename.h> Manifest definitions. Only accessible to Secure Partition.
+ * The file name is based on the name of the Secure Partitions manifest file.
+ * The name must not collide with other header files.
+ * Compliance tests expect the below manifest output files implementation from build tool.
+ */
+#include "client_partition_psa.h"
+#include "server_partition_psa.h"
+
+__UNUSED STATIC_DECLARE val_status_t val_print
+ (print_verbosity_t verbosity, char *string, uint32_t data);
+__UNUSED STATIC_DECLARE val_status_t val_ipc_connect
+ (uint32_t sid, uint32_t minor_version, psa_handle_t *handle );
+__UNUSED STATIC_DECLARE val_status_t val_ipc_call
+ (psa_handle_t handle, psa_invec *in_vec, size_t in_len,
+ psa_outvec *out_vec, size_t out_len);
+__UNUSED STATIC_DECLARE void val_ipc_close
+ (psa_handle_t handle);
+__UNUSED STATIC_DECLARE val_status_t val_process_connect_request(psa_signal_t sig, psa_msg_t *msg);
+__UNUSED STATIC_DECLARE val_status_t val_process_call_request(psa_signal_t sig, psa_msg_t *msg);
+__UNUSED STATIC_DECLARE val_status_t val_process_disconnect_request
+ (psa_signal_t sig, psa_msg_t *msg);
+__UNUSED STATIC_DECLARE val_status_t val_execute_secure_tests
+ (uint32_t test_num, client_test_t *tests_list);
+__UNUSED STATIC_DECLARE val_status_t val_execute_secure_test_func
+ (psa_handle_t *handle, test_info_t test_info, uint32_t sid);
+__UNUSED STATIC_DECLARE val_status_t val_get_secure_test_result(psa_handle_t *handle);
+__UNUSED STATIC_DECLARE val_status_t val_err_check_set(uint32_t checkpoint, val_status_t status);
+__UNUSED STATIC_DECLARE val_status_t val_nvmem_write(uint32_t offset, void *buffer, int size);
+__UNUSED STATIC_DECLARE val_status_t val_set_boot_flag(boot_state_t state);
+
+__UNUSED static val_api_t val_api = {
+ .print = val_print,
+ .err_check_set = val_err_check_set,
+ .execute_secure_test_func = val_execute_secure_test_func,
+ .get_secure_test_result = val_get_secure_test_result,
+ .ipc_connect = val_ipc_connect,
+ .ipc_call = val_ipc_call,
+ .ipc_close = val_ipc_close,
+ .set_boot_flag = val_set_boot_flag,
+};
+
+__UNUSED static psa_api_t psa_api = {
+ .framework_version = psa_framework_version,
+ .version = psa_version,
+ .connect = psa_connect,
+ .call = psa_call,
+ .close = psa_close,
+};
+
+/**
+ @brief - Print module. This is client interface API of secure partition
+ val_print_sf API for spe world
+ @param - verbosity: Print verbosity level
+ - string : Input string
+ - data : Value for format specifier
+ @return - val_status_t
+**/
+STATIC_DECLARE val_status_t val_print(print_verbosity_t verbosity, char *string, uint32_t data)
+{
+ int string_len = 0;
+ char *p = string;
+ psa_handle_t print_handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+ val_status_t status = VAL_STATUS_SUCCESS;
+
+ while (*p != '\0')
+ {
+ string_len++;
+ p++;
+ }
+
+ psa_invec data1[3] = {{&verbosity, 4}, {string, string_len+1}, {&data, 4}};
+ print_handle = psa_connect(DRIVER_UART_SID, 0);
+
+ if (print_handle < 0)
+ {
+ return VAL_STATUS_CONNECTION_FAILED;
+ }
+ else
+ {
+ status_of_call = psa_call(print_handle, data1, 3, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ {
+ status = VAL_STATUS_CALL_FAILED;
+ }
+ }
+ psa_close(print_handle);
+ return status;
+}
+
+/**
+ * @brief Connect to given sid
+ @param -sid : RoT service id
+ @param -minor_version : minor_version of RoT service
+ @param -handle - return connection handle
+ * @return val_status_t
+ */
+STATIC_DECLARE val_status_t val_ipc_connect(uint32_t sid, uint32_t minor_version,
+ psa_handle_t *handle )
+{
+ *handle = psa_connect(sid, minor_version);
+
+ if (*handle < 0)
+ {
+ return(VAL_STATUS_CONNECTION_FAILED);
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+/**
+ * @brief Call a connected Root of Trust Service.@n
+ * The caller must provide an array of ::psa_invec_t structures as the input payload.
+ * @param handle: Handle for the connection.
+ * @param in_vec: Array of psa_invec structures.
+ * @param in_len: Number of psa_invec structures in in_vec.
+ * @param out_vec: Array of psa_outvec structures for optional Root of Trust Service response.
+ * @param out_len: Number of psa_outvec structures in out_vec.
+ * @return val_status_t
+ */
+STATIC_DECLARE val_status_t val_ipc_call(psa_handle_t handle, psa_invec *in_vec, size_t in_len,
+ psa_outvec *out_vec, size_t out_len)
+{
+ psa_status_t call_status = PSA_SUCCESS;
+
+ call_status = psa_call(handle, in_vec, in_len, out_vec, out_len);
+
+ if (call_status != PSA_SUCCESS)
+ {
+ return(VAL_STATUS_CALL_FAILED);
+ }
+
+ return VAL_STATUS_SUCCESS;
+}
+
+/**
+ * @brief Close a connection to a Root of Trust Service.
+ * Sends the PSA_IPC_DISCONNECT message to the Root of Trust Service so
+ it can clean up resources.
+ * @param handle: Handle for the connection.
+ * @return void
+ */
+STATIC_DECLARE void val_ipc_close(psa_handle_t handle)
+{
+ psa_close(handle);
+}
+
+/**
+ * @brief Proccess a generic connect message to given rot signal.
+ @param -sig : signal to be processed
+ @param -msg : return msg info of given signal
+ * @return val_status_t.
+ */
+STATIC_DECLARE val_status_t val_process_connect_request(psa_signal_t sig, psa_msg_t *msg)
+{
+ val_status_t res = VAL_STATUS_ERROR;
+ psa_signal_t signals;
+
+wait1:
+ signals = psa_wait_any(PSA_BLOCK);
+ if (signals & sig)
+ {
+ if (psa_get(sig, msg) != PSA_SUCCESS)
+ {
+ goto wait1;
+ }
+
+ if ((msg->type != PSA_IPC_CONNECT) || (msg->handle <= 0))
+ {
+ val_print(PRINT_ERROR, "\npsa_get failed for PSA_IPC_CONNECT", 0);
+ res = VAL_STATUS_ERROR;
+ }
+ else
+ {
+ res = VAL_STATUS_SUCCESS;
+ }
+ }
+ else
+ {
+ val_print(PRINT_ERROR, "\npsa_wait_any returned with invalid signal value = 0x%x", signals);
+ res = VAL_STATUS_ERROR;
+ }
+ return res;
+}
+
+/**
+ * @brief Proccess a generic call message to given rot signal.
+ @param -sig : signal to be processed
+ @param -msg : return msg info of given signal
+ * @return val_status_t
+ */
+STATIC_DECLARE val_status_t val_process_call_request(psa_signal_t sig, psa_msg_t *msg)
+{
+ val_status_t res = VAL_STATUS_ERROR;
+ psa_signal_t signals;
+
+wait2:
+ signals = psa_wait_any(PSA_BLOCK);
+ if (signals & sig)
+ {
+ if (psa_get(sig, msg) != PSA_SUCCESS)
+ {
+ goto wait2;
+ }
+
+ if ((msg->type != PSA_IPC_CALL) || (msg->handle <= 0))
+ {
+ val_print(PRINT_ERROR, "\npsa_get failed for PSA_IPC_CALL", 0);
+ res = VAL_STATUS_ERROR;
+ }
+ else
+ {
+ res = VAL_STATUS_SUCCESS;
+ }
+ }
+ else
+ {
+ val_print(PRINT_ERROR, "\npsa_wait_any returned with invalid signal value = 0x%x", signals);
+ res = VAL_STATUS_ERROR;
+ }
+ return res;
+}
+
+/**
+ * @brief Proccess a generic disconnect message to given rot signal.
+ @param -sig : signal to be processed
+ @param -msg : return msg info of given signal
+ * @return val_status_t
+ */
+STATIC_DECLARE val_status_t val_process_disconnect_request(psa_signal_t sig, psa_msg_t *msg)
+{
+ val_status_t res = VAL_STATUS_ERROR;
+ psa_signal_t signals;
+
+wait3:
+ signals = psa_wait_any(PSA_BLOCK);
+ if (signals & sig)
+ {
+ if (psa_get(sig, msg) != PSA_SUCCESS)
+ {
+ goto wait3;
+ }
+
+ if ((msg->type != PSA_IPC_DISCONNECT) || (msg->handle <= 0))
+ {
+ val_print(PRINT_ERROR, "\npsa_get failed for PSA_IPC_DISCONNECT", 0);
+ res = VAL_STATUS_ERROR;
+ }
+ else
+ {
+ res = VAL_STATUS_SUCCESS;
+ }
+ }
+ else
+ {
+ val_print(PRINT_ERROR, "\npsa_wait_any returned with invalid signal value = 0x%x", signals);
+ res = VAL_STATUS_ERROR;
+ }
+ return res;
+}
+
+/**
+ @brief - This function executes given list of tests from secure sequentially
+ This covers secure to secure IPC API scenario
+ @param - test_num : Test_num
+ @param - tests_list : list of tests to be executed
+ @return - val_status_t
+**/
+STATIC_DECLARE val_status_t val_execute_secure_tests(uint32_t test_num, client_test_t *tests_list)
+{
+ val_status_t status = VAL_STATUS_SUCCESS;
+ val_status_t test_status = VAL_STATUS_SUCCESS;
+ psa_handle_t handle;
+ int i = 1;
+ test_info_t test_info;
+
+ test_info.test_num = test_num;
+ val_print(PRINT_TEST, "[Info] Executing tests form secure\n", 0);
+
+ while (tests_list[i] != NULL)
+ {
+
+ /* Handshake with server tests */
+ test_info.block_num = i;
+ status = val_execute_secure_test_func(&handle, test_info, SERVER_TEST_DISPATCHER_SID);
+ if (VAL_ERROR(status))
+ {
+ val_print(PRINT_ERROR,"[Check%d] START\n", i);
+ return status;
+ }
+ else
+ {
+ val_print(PRINT_DEBUG,"[Check%d] START\n", i);
+ }
+
+ /* Execute client tests */
+ test_status = tests_list[i](SECURE);
+
+ /* Retrive Server test status */
+ status = val_get_secure_test_result(&handle);
+
+ status = test_status ? test_status:status;
+ if (VAL_ERROR(status))
+ {
+ val_print(PRINT_ERROR,"[Check%d] FAILED\n", i);
+ return status;
+ }
+ else
+ {
+ val_print(PRINT_DEBUG,"[Check%d] PASSED\n", i);
+ }
+ i++;
+ }
+ return status;
+}
+
+/**
+ @brief - This function is used to handshake between:
+ - nonsecure client to server test fn
+ - secure client and server test fn
+ - nonsecure client to secure client test fn
+ @param - handle : handle returned while connecting given sid
+ @param - test_info : Test_num and block_num to be executed
+ @param - sid : RoT service to be connected. Partition dispatcher sid
+ @return - val_status_t
+**/
+STATIC_DECLARE val_status_t val_execute_secure_test_func(psa_handle_t *handle,
+ test_info_t test_info,
+ uint32_t sid)
+{
+ uint32_t test_data;
+ val_status_t status = VAL_STATUS_SUCCESS;
+ psa_status_t status_of_call = PSA_SUCCESS;
+
+ *handle = psa_connect(sid, 0);
+
+ if (*handle < 0)
+ {
+ val_print(PRINT_ERROR, "Could not connect SID. Handle=%x\n", *handle);
+ status = VAL_STATUS_CONNECTION_FAILED;
+ }
+
+ test_data = ((uint32_t)(test_info.test_num) | ((uint32_t)(test_info.block_num) << BLOCK_NUM_POS)
+ | ((uint32_t)(TEST_EXECUTE_FUNC) << ACTION_POS));
+ psa_invec data[1] = {{&test_data, sizeof(test_data)}};
+
+ status_of_call = psa_call(*handle, data, 1, NULL, 0);
+
+ if (status_of_call != PSA_SUCCESS)
+ {
+ status = VAL_STATUS_CALL_FAILED;
+ val_print(PRINT_ERROR, "Call to dispatch SF failed. Status=%x\n", status_of_call);
+ psa_close(*handle);
+ }
+ return status;
+}
+
+/**
+ @brief - This function is used to retrive the status of previously connected test function
+ using val_execute_secure_test_func
+ @param - handle : handle of server function. Handle of Partition dispatcher sid
+ @return - The status of test functions
+**/
+STATIC_DECLARE val_status_t val_get_secure_test_result(psa_handle_t *handle)
+{
+ uint32_t test_data;
+ val_status_t status = VAL_STATUS_SUCCESS;
+ psa_status_t status_of_call = PSA_SUCCESS;
+
+ test_data = (TEST_RETURN_RESULT << ACTION_POS);
+
+ psa_outvec resp = {&status, sizeof(status)};
+ psa_invec data[1] = {{&test_data, sizeof(test_data)}};
+
+ status_of_call = psa_call(*handle, data, 1, &resp, 1);
+ if (status_of_call != PSA_SUCCESS)
+ {
+ status = VAL_STATUS_CALL_FAILED;
+ val_print(PRINT_ERROR, "Call to dispatch SF failed. Status=%x\n", status_of_call);
+ }
+
+ psa_close(*handle);
+ return status;
+}
+
+/*
+ @brief - This function checks if the input status argument is an error.
+ On error, print the checkpoint value
+ @param - checkpoint : Test debug checkpoint
+ - val_status_t : Test status
+ @return - returns the input status back to the program.
+*/
+STATIC_DECLARE val_status_t val_err_check_set(uint32_t checkpoint, val_status_t status)
+{
+ if (VAL_ERROR(status))
+ {
+ val_print(PRINT_ERROR, "\tCheckpoint %d : ", checkpoint);
+ val_print(PRINT_ERROR, "Error Code=0x%x \n", status);
+ }
+ else
+ {
+ val_print(PRINT_DEBUG, "\tCheckpoint %d \n", checkpoint);
+ }
+ return status;
+}
+
+/*
+ @brief - Writes 'size' bytes from buffer into non-volatile memory at a given
+ 'base + offset'. This is client interface API of secure partition
+ val_nvmem_write_sf API for spe world
+ - offset : Offset
+ - buffer : Pointer to source address
+ - size : Number of bytes
+ @return - val_status_t
+*/
+STATIC_DECLARE val_status_t val_nvmem_write(uint32_t offset, void *buffer, int size)
+{
+ nvmem_param_t nvmem_param;
+ psa_handle_t handle = 0;
+ psa_status_t status_of_call = PSA_SUCCESS;
+
+ nvmem_param.nvmem_fn_type = NVMEM_WRITE;
+ nvmem_param.offset = offset;
+ nvmem_param.size = size;
+ psa_invec invec[2] = {{&nvmem_param, sizeof(nvmem_param)}, {buffer, size}};
+
+ handle = psa_connect(DRIVER_NVMEM_SID, 0);
+ if (handle < 0)
+ {
+ return VAL_STATUS_CONNECTION_FAILED;
+ }
+ else
+ {
+ status_of_call = psa_call(handle, invec, 2, NULL, 0);
+ if (status_of_call != PSA_SUCCESS)
+ {
+ psa_close(handle);
+ return VAL_STATUS_CALL_FAILED;
+ }
+ }
+ psa_close(handle);
+ return VAL_STATUS_SUCCESS;
+}
+
+/**
+ @brief - This function sets the given boot.state value to corresponding
+ boot NVMEM location
+ @param - state: boot_state_t
+ @return - val_status_t
+**/
+STATIC_DECLARE val_status_t val_set_boot_flag(boot_state_t state)
+{
+ boot_t boot;
+ val_status_t status;
+
+ boot.state = state;
+ status = val_nvmem_write(VAL_NVMEM_OFFSET(NV_BOOT), &boot, sizeof(boot_t));
+ if (VAL_ERROR(status))
+ {
+ val_print(PRINT_ERROR, "val_nvmem_write failed Error=0x%x\n", status);
+ return status;
+ }
+ return status;
+}
+#endif
diff --git a/psa-ff/val/spe/val_service_defs.h b/psa-ff/val/spe/val_service_defs.h
new file mode 100644
index 0000000..6a0e03d
--- /dev/null
+++ b/psa-ff/val/spe/val_service_defs.h
@@ -0,0 +1,104 @@
+/** @file
+ * Copyright (c) 2018, Arm Limited or its affiliates. All rights reserved.
+ * SPDX-License-Identifier : Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+**/
+
+#ifndef _VAL_PSA_SERVICE_H_
+#define _VAL_PSA_SERVICE_H_
+
+/***************** PSA Secure Function API *****************/
+
+/* Note - This header file containts the declaration of PSA defined secure partition service API
+ elements. Ideally, These elements must be defined in a header file <psa_service.h> by SPM
+ implemented library and provided to clients operation in NSPE and SPE as per the specification.
+ If this is available in the platform, the elements declared as part of this
+ file can be overwritten by passing --include <path_to_psa_service_h> to setup.sh script.
+ */
+
+#if 1
+/* <psa_service.h>: Secure Partition API elements. Only accessible to Secure Partition */
+#include "psa_service.h"
+
+#else
+#include "val/common/val.h"
+
+#define PSA_POLL 0x00000000U
+#define PSA_BLOCK 0x80000000U
+#define PSA_DOORBELL 0x00000008U
+#define PSA_IPC_CONNECT 1
+#define PSA_IPC_CALL 2
+#define PSA_IPC_DISCONNECT 3
+#define PSA_MAX_IOVEC 4
+#define PSA_ERR_NOMSG (INT32_MIN + 3)
+
+typedef uint32_t psa_signal_t;
+typedef struct psa_msg_t psa_msg_t;
+
+typedef struct psa_msg_t {
+ uint32_t type;
+ psa_handle_t handle;
+ int32_t client_id;
+ void *rhandle;
+ size_t in_size[PSA_MAX_IOVEC];
+ size_t out_size[PSA_MAX_IOVEC];
+} psa_msg_t;
+
+
+/* The implementation for following PSA service APIs should come from SPM */
+psa_signal_t psa_wait_any(uint32_t timeout);
+psa_signal_t psa_wait_interrupt(psa_signal_t signal_mask, uint32_t timeout);
+void psa_set_rhandle(psa_handle_t msg_handle, void *rhandle);
+psa_status_t psa_get(psa_signal_t signal, psa_msg_t *msg);
+size_t psa_read(psa_handle_t msg_handle, uint32_t invec_idx,
+ void *buffer, size_t num_bytes);
+size_t psa_skip(psa_handle_t msg_handle, uint32_t invec_idx,
+ size_t num_bytes);
+void psa_write(psa_handle_t msg_handle, uint32_t outvec_idx,
+ const void *buffer, size_t num_bytes);
+void psa_reply(psa_handle_t msg_handle, psa_status_t status);
+void psa_notify(int32_t partition_id);
+void psa_clear(psa_signal_t doorbell_signal);
+void psa_eoi(psa_signal_t irq_signal);
+#endif /* #if 1 */
+
+/* struct of function pointers to uniqify nspe and spe client interface for test */
+typedef struct {
+ uint32_t (*framework_version) (void);
+ uint32_t (*version) (uint32_t sid);
+ psa_handle_t (*connect) (uint32_t sid, uint32_t minor_version);
+ psa_status_t (*call) (psa_handle_t handle,
+ const psa_invec *in_vec,
+ size_t in_len,
+ psa_outvec *out_vec,
+ size_t out_len
+ );
+ psa_status_t (*close) (psa_handle_t handle);
+} psa_api_t;
+
+typedef struct {
+ val_status_t (*print) (print_verbosity_t verbosity,
+ char *string, uint32_t data);
+ val_status_t (*err_check_set) (uint32_t checkpoint, val_status_t status);
+ val_status_t (*execute_secure_test_func) (psa_handle_t *handle, test_info_t test_info,
+ uint32_t sid);
+ val_status_t (*get_secure_test_result) (psa_handle_t *handle);
+ val_status_t (*ipc_connect) (uint32_t sid, uint32_t minor_version,
+ psa_handle_t *handle );
+ val_status_t (*ipc_call) (psa_handle_t handle, psa_invec *in_vec,
+ size_t in_len, psa_outvec *out_vec, size_t out_len);
+ void (*ipc_close) (psa_handle_t handle);
+ val_status_t (*set_boot_flag) (boot_state_t state);
+} val_api_t;
+#endif