ARMmbed · cmonr · Mar 1, 2019 · Feb 12, 2019 · Feb 14, 2019 · Feb 14, 2019
diff --git a/TESTS/psa/crypto_access_control/COMPONENT_NSPE/main.cpp b/TESTS/psa/crypto_access_control/COMPONENT_NSPE/main.cpp
diff --git a/TESTS/psa/crypto_access_control/COMPONENT_PSA_SRV_IPC/test_partition_proxy.c b/TESTS/psa/crypto_access_control/COMPONENT_PSA_SRV_IPC/test_partition_proxy.c
@@ -0,0 +1,128 @@
+/*
+ * Copyright (c) 2019, Arm Limited and affiliates
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "psa/client.h"
+#include "psa_test_partition_ifs.h"
+#include "test_partition_proxy.h"
+
+#define MINOR_VER 1
+
+static psa_status_t invoke_ipc_call(uint32_t sid, psa_invec *in_vec, size_t in_vec_size,
+                                    psa_outvec *out_vec, size_t out_vec_size)
+{
+    psa_status_t status;
+
+    psa_handle_t handle = psa_connect(sid, MINOR_VER);
+    if (handle <= 0) {
+        return (PSA_ERROR_COMMUNICATION_FAILURE);
+    }
+
+    status = psa_call(handle, in_vec, in_vec_size, out_vec, out_vec_size);
+    psa_close(handle);
+
+    return (status);
+}
+
+psa_status_t test_partition_crypto_create_persistent_key(psa_key_id_t key_id, psa_key_handle_t *key_handle)
+{
+    psa_invec in_vec = { &key_id, sizeof(key_id) };
+    psa_outvec out_vec = { key_handle, sizeof(*key_handle) };
+    psa_status_t status = invoke_ipc_call(CRYPTO_CREATE_PERSISTENT_KEY, &in_vec, 1, &out_vec, 1);
+    return (status);
+}
+
+psa_status_t test_partition_crypto_set_key_policy(psa_key_handle_t key_handle, psa_key_usage_t key_usage,
+                                                  psa_algorithm_t key_alg)
+{
+    psa_invec in_vec[3] = {
+        { &key_handle, sizeof(key_handle) },
+        { &key_usage, sizeof(key_usage) },
+        { &key_alg, sizeof(key_alg) }
+    };
+    psa_status_t status = invoke_ipc_call(CRYPTO_SET_KEY_POLICY, in_vec, 3, NULL, 0);
+    return (status);
+}
+
+psa_status_t test_partition_crypto_get_key_policy(psa_key_handle_t key_handle, psa_key_usage_t *key_usage,
+                                                  psa_algorithm_t *key_alg)
+{
+    psa_invec in_vec = { &key_handle, sizeof(key_handle) };
+    psa_outvec out_vec[2] = {
+        { key_usage, sizeof(*key_usage) },
+        { key_alg, sizeof(*key_alg) }
+    };
+    psa_status_t status = invoke_ipc_call(CRYPTO_GET_KEY_POLICY, &in_vec, 1, out_vec, 2);
+    return (status);
+}
+
+psa_status_t test_partition_crypto_get_key_information(psa_key_handle_t key_handle, psa_key_type_t *key_type,
+                                                       size_t *key_bits)
+{
+    psa_invec in_vec = { &key_handle, sizeof(key_handle) };
+    psa_outvec out_vec[2] = {
+        { key_type, sizeof(*key_type) },
+        { key_bits, sizeof(*key_bits) }
+    };
+    psa_status_t status = invoke_ipc_call(CRYPTO_GET_KEY_INFO, &in_vec, 1, out_vec, 2);
+    return (status);
+}
+
+psa_status_t test_partition_crypto_generate_key(psa_key_handle_t key_handle, psa_key_type_t key_type, size_t key_bits)
+{
+    psa_invec in_vec[3] = {
+        { &key_handle, sizeof(key_handle) },
+        { &key_type, sizeof(key_type) },
+        { &key_bits, sizeof(key_bits) }
+    };
+    psa_status_t status = invoke_ipc_call(CRYPTO_GENERATE_KEY, in_vec, 3, NULL, 0);
+    return (status);
+}
+
+psa_status_t test_partition_crypto_open_persistent_key(psa_key_id_t key_id, psa_key_handle_t *key_handle)
+{
+    psa_invec in_vec = { &key_id, sizeof(key_id) };
+    psa_outvec out_vec = { key_handle, sizeof(*key_handle) };
+    psa_status_t status = invoke_ipc_call(CRYPTO_OPEN_PERSISTENT_KEY, &in_vec, 1, &out_vec, 1);
+    return (status);
+}
+
+psa_status_t test_partition_crypto_close_key(psa_key_handle_t key_handle)
+{
+    psa_invec in_vec = { &key_handle, sizeof(key_handle) };
+    psa_status_t status = invoke_ipc_call(CRYPTO_CLOSE_KEY, &in_vec, 1, NULL, 0);
+    return (status);
+}
+
+psa_status_t test_partition_crypto_destroy_key(psa_key_handle_t key_handle)
+{
+    psa_invec in_vec = { &key_handle, sizeof(key_handle) };
+    psa_status_t status = invoke_ipc_call(CRYPTO_DESTROY_KEY, &in_vec, 1, NULL, 0);
+    return (status);
+}
+
+psa_status_t test_partition_crypto_import_key(psa_key_handle_t key_handle, psa_key_type_t key_type,
+                                              const unsigned char *key_data, size_t key_data_size)
+{
+    psa_invec in_vec[4] = {
+        { &key_handle, sizeof(key_handle) },
+        { &key_type, sizeof(key_type) },
+        { &key_data_size, sizeof(key_data_size) },
+        { key_data, key_data_size }
+    };
+    psa_status_t status = invoke_ipc_call(CRYPTO_IMPORT_KEY, in_vec, 4, NULL, 0);
+    return (status);
+}
diff --git a/TESTS/psa/crypto_access_control/COMPONENT_PSA_SRV_IPC/test_partition_proxy.h b/TESTS/psa/crypto_access_control/COMPONENT_PSA_SRV_IPC/test_partition_proxy.h
@@ -0,0 +1,53 @@
+/*
+ * Copyright (c) 2019, Arm Limited and affiliates
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef TEST_PARTITION_PROXY_H
+#define TEST_PARTITION_PROXY_H
+
+#include "psa/crypto.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+psa_status_t test_partition_crypto_create_persistent_key(psa_key_id_t key_id, psa_key_handle_t *key_handle);
+
+psa_status_t test_partition_crypto_set_key_policy(psa_key_handle_t key_handle, psa_key_usage_t key_usage,
+                                                  psa_algorithm_t key_alg);
+
+psa_status_t test_partition_crypto_get_key_policy(psa_key_handle_t key_handle, psa_key_usage_t *key_usage,
+                                                  psa_algorithm_t *key_alg);
+
+psa_status_t test_partition_crypto_get_key_information(psa_key_handle_t key_handle, psa_key_type_t *key_type,
+                                                       size_t *key_bits);
+
+psa_status_t test_partition_crypto_generate_key(psa_key_handle_t key_handle, psa_key_type_t key_type, size_t key_bits);
+
+psa_status_t test_partition_crypto_open_persistent_key(psa_key_id_t key_id, psa_key_handle_t *key_handle);
+
+psa_status_t test_partition_crypto_close_key(psa_key_handle_t key_handle);
+
+psa_status_t test_partition_crypto_destroy_key(psa_key_handle_t key_handle);
+
+psa_status_t test_partition_crypto_import_key(psa_key_handle_t key_handle, psa_key_type_t key_type,
+                                              const unsigned char *key_data, size_t key_data_size);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* TEST_PARTITION_PROXY_H */
diff --git a/TESTS/psa/crypto_access_control/COMPONENT_SPE/TARGET_MBED_SPM/psa_test_partition_partition.c b/TESTS/psa/crypto_access_control/COMPONENT_SPE/TARGET_MBED_SPM/psa_test_partition_partition.c
@@ -0,0 +1,203 @@
+/* Copyright (c) 2017-2019 ARM Limited
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/***********************************************************************************************************************
+ * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ * THIS FILE IS AN AUTO-GENERATED FILE - DO NOT MODIFY IT.
+ * !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+ * Template Version 1.0
+ * Generated by tools/spm/generate_partition_code.py Version 1.0
+ **********************************************************************************************************************/
+
+#include "cmsis.h"
+#include "mbed_toolchain.h" /* For using MBED_ALIGN macro */
+#include "rtx_os.h"
+#include "spm_panic.h"
+#include "spm_internal.h"
+#include "psa_test_partition_partition.h"
+#include "psa_test_partition_ifs.h"
+#include "psa_crypto_srv_ifs.h"
+
+
+/* Threads stacks */
+MBED_ALIGN(8) uint8_t test_partition_thread_stack[512] = {0};
+
+/* Threads control blocks */
+osRtxThread_t test_partition_thread_cb = {0};
+
+/* Thread attributes - for thread initialization */
+osThreadAttr_t test_partition_thread_attr = {
+    .name = "test_partition",
+    .attr_bits = 0,
+    .cb_mem = &test_partition_thread_cb,
+    .cb_size = sizeof(test_partition_thread_cb),
+    .stack_mem = test_partition_thread_stack,
+    .stack_size = 512,
+    .priority = osPriorityNormal,
+    .tz_module = 0,
+    .reserved = 0
+};
+
+spm_rot_service_t test_partition_rot_services[TEST_PARTITION_ROT_SRV_COUNT] = {
+    {
+        .sid = CRYPTO_CREATE_PERSISTENT_KEY,
+        .mask = CRYPTO_CREATE_PERSISTENT_KEY_MSK,
+        .partition = NULL,
+        .min_version = 1,
+        .min_version_policy = PSA_MINOR_VERSION_POLICY_RELAXED,
+        .allow_nspe = true,
+        .queue = {
+            .head = NULL,
+            .tail = NULL
+        }
+    },
+    {
+        .sid = CRYPTO_GENERATE_KEY,
+        .mask = CRYPTO_GENERATE_KEY_MSK,
+        .partition = NULL,
+        .min_version = 1,
+        .min_version_policy = PSA_MINOR_VERSION_POLICY_RELAXED,
+        .allow_nspe = true,
+        .queue = {
+            .head = NULL,
+            .tail = NULL
+        }
+    },
+    {
+        .sid = CRYPTO_OPEN_PERSISTENT_KEY,
+        .mask = CRYPTO_OPEN_PERSISTENT_KEY_MSK,
+        .partition = NULL,
+        .min_version = 1,
+        .min_version_policy = PSA_MINOR_VERSION_POLICY_RELAXED,
+        .allow_nspe = true,
+        .queue = {
+            .head = NULL,
+            .tail = NULL
+        }
+    },
+    {
+        .sid = CRYPTO_CLOSE_KEY,
+        .mask = CRYPTO_CLOSE_KEY_MSK,
+        .partition = NULL,
+        .min_version = 1,
+        .min_version_policy = PSA_MINOR_VERSION_POLICY_RELAXED,
+        .allow_nspe = true,
+        .queue = {
+            .head = NULL,
+            .tail = NULL
+        }
+    },
+    {
+        .sid = CRYPTO_SET_KEY_POLICY,
+        .mask = CRYPTO_SET_KEY_POLICY_MSK,
+        .partition = NULL,
+        .min_version = 1,
+        .min_version_policy = PSA_MINOR_VERSION_POLICY_RELAXED,
+        .allow_nspe = true,
+        .queue = {
+            .head = NULL,
+            .tail = NULL
+        }
+    },
+    {
+        .sid = CRYPTO_DESTROY_KEY,
+        .mask = CRYPTO_DESTROY_KEY_MSK,
+        .partition = NULL,
+        .min_version = 1,
+        .min_version_policy = PSA_MINOR_VERSION_POLICY_RELAXED,
+        .allow_nspe = true,
+        .queue = {
+            .head = NULL,
+            .tail = NULL
+        }
+    },
+    {
+        .sid = CRYPTO_GET_KEY_INFO,
+        .mask = CRYPTO_GET_KEY_INFO_MSK,
+        .partition = NULL,
+        .min_version = 1,
+        .min_version_policy = PSA_MINOR_VERSION_POLICY_RELAXED,
+        .allow_nspe = true,
+        .queue = {
+            .head = NULL,
+            .tail = NULL
+        }
+    },
+    {
+        .sid = CRYPTO_GET_KEY_POLICY,
+        .mask = CRYPTO_GET_KEY_POLICY_MSK,
+        .partition = NULL,
+        .min_version = 1,
+        .min_version_policy = PSA_MINOR_VERSION_POLICY_RELAXED,
+        .allow_nspe = true,
+        .queue = {
+            .head = NULL,
+            .tail = NULL
+        }
+    },
+    {
+        .sid = CRYPTO_IMPORT_KEY,
+        .mask = CRYPTO_IMPORT_KEY_MSK,
+        .partition = NULL,
+        .min_version = 1,
+        .min_version_policy = PSA_MINOR_VERSION_POLICY_RELAXED,
+        .allow_nspe = true,
+        .queue = {
+            .head = NULL,
+            .tail = NULL
+        }
+    },
+};
+
+/* External SIDs used by TEST_PARTITION */
+const uint32_t test_partition_external_sids[1] = {
+    PSA_KEY_MNG_ID,
+};
+
+static osRtxMutex_t test_partition_mutex = {0};
+static const osMutexAttr_t test_partition_mutex_attr = {
+    .name = "test_partition_mutex",
+    .attr_bits = osMutexRecursive | osMutexPrioInherit | osMutexRobust,
+    .cb_mem = &test_partition_mutex,
+    .cb_size = sizeof(test_partition_mutex),
+};
+
+
+extern void test_partition_main(void *ptr);
+
+void test_partition_init(spm_partition_t *partition)
+{
+    if (NULL == partition) {
+        SPM_PANIC("partition is NULL!\n");
+    }
+
+    partition->mutex = osMutexNew(&test_partition_mutex_attr);
+    if (NULL == partition->mutex) {
+        SPM_PANIC("Failed to create mutex for secure partition test_partition!\n");
+    }
+
+    for (uint32_t i = 0; i < TEST_PARTITION_ROT_SRV_COUNT; ++i) {
+        test_partition_rot_services[i].partition = partition;
+    }
+    partition->rot_services = test_partition_rot_services;
+
+    partition->thread_id = osThreadNew(test_partition_main, NULL, &test_partition_thread_attr);
+    if (NULL == partition->thread_id) {
+        SPM_PANIC("Failed to create start main thread of partition test_partition!\n");
+    }
+}
+