TF-M Reference Manual  1.2.0
TrustedFirmware-M
 All Data Structures Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
attest_token_test.c File Reference

Implementation for attestation token tests. More...

#include "attest_token_test.h"
#include "q_useful_buf.h"
#include "psa/initial_attestation.h"
#include "attest_token_decode.h"
#include "attest_token_test_values.h"
#include "psa/crypto.h"
Include dependency graph for attest_token_test.c:

Go to the source code of this file.

Enumerations

enum  decode_test_mode_t { SHORT_CIRCUIT_SIGN, NORMAL_SIGN, COSE_MAC0, COSE_MAC0_SHORT_CIRCUIT_TAG }
 

Functions

int token_main_alt (uint32_t option_flags, struct q_useful_buf_c nonce, struct q_useful_buf buffer, struct q_useful_buf_c *completed_token)
 An alternate token_main() that packs the option flags into the nonce. More...
 
int_fast16_t decode_test_short_circuit_sig (void)
 Test by checking short-circuit signed values of claims. More...
 
int_fast16_t decode_test_normal_sig (void)
 Test by checking signed values of claims. More...
 

Detailed Description

Implementation for attestation token tests.

This uses attest_token_decode for the main full test case. That in turn uses t_cose_sign1_verify. These implementations of token decoding and COSE sig verification are still considered test code even though they are getting close to real implementations that could be used for other than test.

Most of the code here is for comparing the values in the token to expected good values.

Definition in file attest_token_test.c.

Enumeration Type Documentation

Modes for decode_test_internal()

Enumerator
SHORT_CIRCUIT_SIGN 

See documentation for decode_test_short_circuit_sig()

NORMAL_SIGN 

See documentation for decode_test_normal_sig()

COSE_MAC0 

See documentation for decode_test_symmetric_initial_attest()

COSE_MAC0_SHORT_CIRCUIT_TAG 

See documentation for decode_test_symmetric_iat_short_circuit_tag()

Definition at line 839 of file attest_token_test.c.

Function Documentation

int_fast16_t decode_test_normal_sig ( void  )

Test by checking signed values of claims.

Returns
non-zero on failure.

This is an extensive test that can compare the values in the token to expected valued compiled into the test app from token_test_values.h. All the values represented in attest_token_iat_simple_t and in attest_token_sw_component_t are checked.

This uses real ECDSA keys for both signing and verificaiton. It requires that the t_cose crypto porting layer operates correctly and that all keys are present. See also decode_test_short_circuit_sig().

Definition at line 1007 of file attest_token_test.c.

int_fast16_t decode_test_short_circuit_sig ( void  )

Test by checking short-circuit signed values of claims.

Returns
non-zero on failure.

This is an extensive test that can compare the values in the token to expected valued compiled into the test app from token_test_values.h. All the values represented in attest_token_iat_simple_t and in attest_token_sw_component_t are checked.

This uses a short-circuit signature rather than real ECDSA keys. This tests everything in the implementation except the final signing of the final hash with ECDSA and the converse verification. It is thorough test of everything by ECDSA integration. It can work even without ECDSA integration and without any keys configured.

Definition at line 998 of file attest_token_test.c.

int token_main_alt ( uint32_t  option_flags,
struct q_useful_buf_c  nonce,
struct q_useful_buf  buffer,
struct q_useful_buf_c *  completed_token 
)

An alternate token_main() that packs the option flags into the nonce.

Parameters
[in]option_flagsFlag bits to pack into nonce.
[in]noncePointer and length of the nonce.
[in]bufferPointer and length of buffer to output the token into.
[out]completed_tokenPlace to put pointer and length of completed token.
Returns
various errors. See psa_status_t.

Definition at line 52 of file attest_token_test.c.

Here is the call graph for this function: