mirror of https://github.com/ARMmbed/mbed-os.git
Changing methods names, adding NVSTORE_ENABLED check for compilation and fixing doxygen issues
parent
a8febd57a1
commit
206ca6cbf5
|
@ -20,6 +20,10 @@
|
|||
#include "greentea-client/test_env.h"
|
||||
#include "nvstore.h"
|
||||
|
||||
#if !NVSTORE_ENABLED
|
||||
#error [NOT_SUPPORTED] NVSTORE needs to be enabled for this test
|
||||
#endif
|
||||
|
||||
using namespace utest::v1;
|
||||
|
||||
#define MSG_VALUE_DUMMY "0"
|
||||
|
@ -34,8 +38,8 @@ using namespace utest::v1;
|
|||
#define MSG_KEY_DEVICE_TEST_STEP4 "check_consistency_step4"
|
||||
#define MSG_KEY_DEVICE_TEST_SUITE_ENDED "Test suite ended"
|
||||
|
||||
void device_key_derived_key_consistency_16_byte_key_reset_test(char *key);
|
||||
void device_key_derived_key_consistency_32_byte_key_reset_test(char *key);
|
||||
void generate_derived_key_consistency_16_byte_key_reset_test(char *key);
|
||||
void generate_derived_key_consistency_32_byte_key_reset_test(char *key);
|
||||
|
||||
/*
|
||||
* Injection of a dummy key when there is no TRNG
|
||||
|
@ -55,7 +59,7 @@ int inject_dummy_rot_key()
|
|||
#endif
|
||||
}
|
||||
|
||||
void device_key_derived_key_reset_test()
|
||||
void generate_derived_key_reset_test()
|
||||
{
|
||||
greentea_send_kv(MSG_KEY_DEVICE_READY, MSG_VALUE_DUMMY);
|
||||
|
||||
|
@ -67,12 +71,12 @@ void device_key_derived_key_reset_test()
|
|||
greentea_parse_kv(key, value, MSG_KEY_LEN, MSG_VALUE_LEN);
|
||||
|
||||
if (strcmp(key, MSG_KEY_DEVICE_TEST_STEP1) == 0 || strcmp(key, MSG_KEY_DEVICE_TEST_STEP2) == 0) {
|
||||
device_key_derived_key_consistency_16_byte_key_reset_test(key);
|
||||
return device_key_derived_key_reset_test();
|
||||
generate_derived_key_consistency_16_byte_key_reset_test(key);
|
||||
return generate_derived_key_reset_test();
|
||||
}
|
||||
|
||||
if (strcmp(key, MSG_KEY_DEVICE_TEST_STEP3) == 0 || strcmp(key, MSG_KEY_DEVICE_TEST_STEP4) == 0) {
|
||||
return device_key_derived_key_consistency_32_byte_key_reset_test(key);
|
||||
return generate_derived_key_consistency_32_byte_key_reset_test(key);
|
||||
}
|
||||
|
||||
TEST_ASSERT_MESSAGE(false, key); //Indicates error!!!
|
||||
|
@ -81,7 +85,7 @@ void device_key_derived_key_reset_test()
|
|||
/*
|
||||
* Test the consistency of derived 16 byte key result after device reset.
|
||||
*/
|
||||
void device_key_derived_key_consistency_16_byte_key_reset_test(char *key)
|
||||
void generate_derived_key_consistency_16_byte_key_reset_test(char *key)
|
||||
{
|
||||
unsigned char output1[DEVICE_KEY_16BYTE];
|
||||
unsigned char output2[DEVICE_KEY_16BYTE];
|
||||
|
@ -104,7 +108,7 @@ void device_key_derived_key_consistency_16_byte_key_reset_test(char *key)
|
|||
TEST_ASSERT_EQUAL_INT(DEVICEKEY_SUCCESS, ret);
|
||||
|
||||
memset(output1, 0, sizeof(output1));
|
||||
ret = devkey.device_key_derived_key(salt, salt_size, output1, key_type);
|
||||
ret = devkey.generate_derived_key(salt, salt_size, output1, key_type);
|
||||
TEST_ASSERT_EQUAL_INT32(0, ret);
|
||||
bool is_empty = !memcmp(empty_buffer, output1, sizeof(output1));
|
||||
TEST_ASSERT_FALSE(is_empty);
|
||||
|
@ -125,7 +129,7 @@ void device_key_derived_key_consistency_16_byte_key_reset_test(char *key)
|
|||
|
||||
for (int i = 0; i < 100; i++) {
|
||||
memset(output2, 0, sizeof(output2));
|
||||
ret = devkey.device_key_derived_key(salt, salt_size, output2, key_type);
|
||||
ret = devkey.generate_derived_key(salt, salt_size, output2, key_type);
|
||||
TEST_ASSERT_EQUAL_INT32(0, ret);
|
||||
TEST_ASSERT_EQUAL_UINT8_ARRAY(output1, output2, DEVICE_KEY_16BYTE);
|
||||
}
|
||||
|
@ -142,7 +146,7 @@ void device_key_derived_key_consistency_16_byte_key_reset_test(char *key)
|
|||
/*
|
||||
* Test the consistency of derived 32 byte key result after device reset.
|
||||
*/
|
||||
void device_key_derived_key_consistency_32_byte_key_reset_test(char *key)
|
||||
void generate_derived_key_consistency_32_byte_key_reset_test(char *key)
|
||||
{
|
||||
unsigned char output1[DEVICE_KEY_32BYTE];
|
||||
unsigned char output2[DEVICE_KEY_32BYTE];
|
||||
|
@ -165,7 +169,7 @@ void device_key_derived_key_consistency_32_byte_key_reset_test(char *key)
|
|||
TEST_ASSERT_EQUAL_INT(DEVICEKEY_SUCCESS, ret);
|
||||
|
||||
memset(output1, 0, sizeof(output1));
|
||||
ret = devkey.device_key_derived_key(salt, salt_size, output1, key_type);
|
||||
ret = devkey.generate_derived_key(salt, salt_size, output1, key_type);
|
||||
TEST_ASSERT_EQUAL_INT32(0, ret);
|
||||
bool is_empty = !memcmp(empty_buffer, output1, sizeof(output1));
|
||||
TEST_ASSERT_FALSE(is_empty);
|
||||
|
@ -186,7 +190,7 @@ void device_key_derived_key_consistency_32_byte_key_reset_test(char *key)
|
|||
|
||||
for (int i = 0; i < 100; i++) {
|
||||
memset(output2, 0, sizeof(output2));
|
||||
ret = devkey.device_key_derived_key(salt, salt_size, output2, key_type);
|
||||
ret = devkey.generate_derived_key(salt, salt_size, output2, key_type);
|
||||
TEST_ASSERT_EQUAL_INT32(0, ret);
|
||||
TEST_ASSERT_EQUAL_UINT8_ARRAY(output1, output2, DEVICE_KEY_32BYTE);
|
||||
}
|
||||
|
@ -299,7 +303,7 @@ void device_inject_root_of_trust_several_times_test()
|
|||
/*
|
||||
* Test the consistency of derived 16 byte key result.
|
||||
*/
|
||||
void device_key_derived_key_consistency_16_byte_key_test()
|
||||
void generate_derived_key_consistency_16_byte_key_test()
|
||||
{
|
||||
unsigned char output1[DEVICE_KEY_16BYTE];
|
||||
unsigned char output2[DEVICE_KEY_16BYTE];
|
||||
|
@ -317,14 +321,14 @@ void device_key_derived_key_consistency_16_byte_key_test()
|
|||
|
||||
size_t salt_size = sizeof(salt);
|
||||
memset(output1, 0, sizeof(output1));
|
||||
ret = devkey.device_key_derived_key(salt, salt_size, output1, key_type);
|
||||
ret = devkey.generate_derived_key(salt, salt_size, output1, key_type);
|
||||
TEST_ASSERT_EQUAL_INT32(0, ret);
|
||||
bool is_empty = !memcmp(empty_buffer, output1, sizeof(output1));
|
||||
TEST_ASSERT_FALSE(is_empty);
|
||||
|
||||
for (int i = 0; i < 100; i++) {
|
||||
memset(output2, 0, sizeof(output2));
|
||||
ret = devkey.device_key_derived_key(salt, salt_size, output2, key_type);
|
||||
ret = devkey.generate_derived_key(salt, salt_size, output2, key_type);
|
||||
TEST_ASSERT_EQUAL_INT32(0, ret);
|
||||
TEST_ASSERT_EQUAL_UINT8_ARRAY(output1, output2, DEVICE_KEY_16BYTE);
|
||||
}
|
||||
|
@ -333,7 +337,7 @@ void device_key_derived_key_consistency_16_byte_key_test()
|
|||
/*
|
||||
* Test the consistency of derived 32 byte key result.
|
||||
*/
|
||||
void device_key_derived_key_consistency_32_byte_key_test()
|
||||
void generate_derived_key_consistency_32_byte_key_test()
|
||||
{
|
||||
unsigned char output1[DEVICE_KEY_32BYTE];
|
||||
unsigned char output2[DEVICE_KEY_32BYTE];
|
||||
|
@ -351,14 +355,14 @@ void device_key_derived_key_consistency_32_byte_key_test()
|
|||
|
||||
size_t salt_size = sizeof(salt);
|
||||
memset(output1, 0, sizeof(output1));
|
||||
ret = devkey.device_key_derived_key(salt, salt_size, output1, key_type);
|
||||
ret = devkey.generate_derived_key(salt, salt_size, output1, key_type);
|
||||
TEST_ASSERT_EQUAL_INT32(0, ret);
|
||||
bool is_empty = !memcmp(empty_buffer, output1, sizeof(output1));
|
||||
TEST_ASSERT_FALSE(is_empty);
|
||||
|
||||
for (int i = 0; i < 100; i++) {
|
||||
memset(output2, 0, sizeof(output2));
|
||||
ret = devkey.device_key_derived_key(salt, salt_size, output2, key_type);
|
||||
ret = devkey.generate_derived_key(salt, salt_size, output2, key_type);
|
||||
TEST_ASSERT_EQUAL_INT32(0, ret);
|
||||
TEST_ASSERT_EQUAL_UINT8_ARRAY(output1, output2, DEVICE_KEY_32BYTE);
|
||||
}
|
||||
|
@ -367,7 +371,7 @@ void device_key_derived_key_consistency_32_byte_key_test()
|
|||
/*
|
||||
* Test request for 16 byte key is returning a correct key size.
|
||||
*/
|
||||
void device_key_derived_key_key_type_16_test()
|
||||
void generate_derived_key_key_type_16_test()
|
||||
{
|
||||
unsigned char output[DEVICE_KEY_16BYTE * 2];
|
||||
unsigned char salt[] = "The quick brown fox jumps over the lazy dog";
|
||||
|
@ -387,7 +391,7 @@ void device_key_derived_key_key_type_16_test()
|
|||
memcpy(output + DEVICE_KEY_16BYTE - sizeof(expectedString), expectedString, sizeof(expectedString));
|
||||
memcpy(output + DEVICE_KEY_16BYTE + 1, expectedString, sizeof(expectedString));
|
||||
|
||||
ret = devkey.device_key_derived_key(salt, salt_size, output, key_type);
|
||||
ret = devkey.generate_derived_key(salt, salt_size, output, key_type);
|
||||
TEST_ASSERT_EQUAL_INT32(0, ret);
|
||||
//Test that we didn't override the buffer after the 16 byte size
|
||||
TEST_ASSERT_EQUAL_UINT8_ARRAY(output + DEVICE_KEY_16BYTE + 1, expectedString, sizeof(expectedString));
|
||||
|
@ -398,7 +402,7 @@ void device_key_derived_key_key_type_16_test()
|
|||
/*
|
||||
* Test request for 32 byte key is returning a correct key size.
|
||||
*/
|
||||
void device_key_derived_key_key_type_32_test()
|
||||
void generate_derived_key_key_type_32_test()
|
||||
{
|
||||
unsigned char output[DEVICE_KEY_32BYTE * 2];
|
||||
unsigned char salt[] = "The quick brown fox jumps over the lazy dog";
|
||||
|
@ -418,7 +422,7 @@ void device_key_derived_key_key_type_32_test()
|
|||
memcpy(output + DEVICE_KEY_32BYTE - sizeof(expectedString), expectedString, sizeof(expectedString));
|
||||
memcpy(output + DEVICE_KEY_32BYTE + 1, expectedString, sizeof(expectedString));
|
||||
|
||||
ret = devkey.device_key_derived_key(salt, salt_size, output, key_type);
|
||||
ret = devkey.generate_derived_key(salt, salt_size, output, key_type);
|
||||
TEST_ASSERT_EQUAL_INT32(0, ret);
|
||||
//Test that we didn't override the buffer after the 32 byte size
|
||||
TEST_ASSERT_EQUAL_UINT8_ARRAY(output + DEVICE_KEY_32BYTE + 1, expectedString, sizeof(expectedString));
|
||||
|
@ -429,7 +433,7 @@ void device_key_derived_key_key_type_32_test()
|
|||
/*
|
||||
* Test request for unknown key size returns an error
|
||||
*/
|
||||
void device_key_derived_key_wrong_key_type_test()
|
||||
void generate_derived_key_wrong_key_type_test()
|
||||
{
|
||||
unsigned char output[DEVICE_KEY_16BYTE];
|
||||
unsigned char salt[] = "The quick brown fox jumps over the lazy dog";
|
||||
|
@ -445,7 +449,7 @@ void device_key_derived_key_wrong_key_type_test()
|
|||
TEST_ASSERT_EQUAL_INT(DEVICEKEY_SUCCESS, ret);
|
||||
|
||||
memset(output, 0, DEVICE_KEY_32BYTE);
|
||||
ret = devkey.device_key_derived_key(salt, salt_size, output, 12);//96 bit key type is not supported
|
||||
ret = devkey.generate_derived_key(salt, salt_size, output, 12);//96 bit key type is not supported
|
||||
TEST_ASSERT_EQUAL_INT32(DEVICEKEY_INVALID_KEY_TYPE, ret);
|
||||
|
||||
}
|
||||
|
@ -458,16 +462,16 @@ utest::v1::status_t greentea_failure_handler(const Case *const source, const fai
|
|||
|
||||
//Currently there can be only one test that contains reset and it has to be the first test!
|
||||
Case cases[] = {
|
||||
Case("Device Key - derived key reset", device_key_derived_key_reset_test, greentea_failure_handler),
|
||||
Case("Device Key - inject value wrong size", device_inject_root_of_trust_wrong_size_test, greentea_failure_handler),
|
||||
Case("Device Key - inject value 16 byte size", device_inject_root_of_trust_16_byte_size_test, greentea_failure_handler),
|
||||
Case("Device Key - inject value 32 byte size", device_inject_root_of_trust_32_byte_size_test, greentea_failure_handler),
|
||||
Case("Device Key - inject value several times", device_inject_root_of_trust_several_times_test, greentea_failure_handler),
|
||||
Case("Device Key - derived key consistency 16 byte key", device_key_derived_key_consistency_16_byte_key_test, greentea_failure_handler),
|
||||
Case("Device Key - derived key consistency 32 byte key", device_key_derived_key_consistency_32_byte_key_test, greentea_failure_handler),
|
||||
Case("Device Key - derived key key type 16", device_key_derived_key_key_type_16_test, greentea_failure_handler),
|
||||
Case("Device Key - derived key key type 32", device_key_derived_key_key_type_32_test, greentea_failure_handler),
|
||||
Case("Device Key - derived key wrong key type", device_key_derived_key_wrong_key_type_test, greentea_failure_handler)
|
||||
Case("Device Key - derived key reset", generate_derived_key_reset_test, greentea_failure_handler),
|
||||
Case("Device Key - inject value wrong size", device_inject_root_of_trust_wrong_size_test, greentea_failure_handler),
|
||||
Case("Device Key - inject value 16 byte size", device_inject_root_of_trust_16_byte_size_test, greentea_failure_handler),
|
||||
Case("Device Key - inject value 32 byte size", device_inject_root_of_trust_32_byte_size_test, greentea_failure_handler),
|
||||
Case("Device Key - inject value several times", device_inject_root_of_trust_several_times_test, greentea_failure_handler),
|
||||
Case("Device Key - derived key consistency 16 byte key", generate_derived_key_consistency_16_byte_key_test, greentea_failure_handler),
|
||||
Case("Device Key - derived key consistency 32 byte key", generate_derived_key_consistency_32_byte_key_test, greentea_failure_handler),
|
||||
Case("Device Key - derived key key type 16", generate_derived_key_key_type_16_test, greentea_failure_handler),
|
||||
Case("Device Key - derived key key type 32", generate_derived_key_key_type_32_test, greentea_failure_handler),
|
||||
Case("Device Key - derived key wrong key type", generate_derived_key_wrong_key_type_test, greentea_failure_handler)
|
||||
};
|
||||
|
||||
utest::v1::status_t greentea_test_setup(const size_t number_of_cases)
|
||||
|
|
|
@ -24,6 +24,8 @@
|
|||
#error [NOT_SUPPORTED] MBEDTLS_CMAC_C needs to be enabled for this driver
|
||||
#else
|
||||
|
||||
#if NVSTORE_ENABLED
|
||||
|
||||
namespace mbed {
|
||||
|
||||
DeviceKey::DeviceKey()
|
||||
|
@ -36,8 +38,8 @@ DeviceKey::~DeviceKey()
|
|||
return;
|
||||
}
|
||||
|
||||
int DeviceKey::device_key_derived_key(const unsigned char *salt, size_t isalt_size, unsigned char *output,
|
||||
uint16_t ikey_type)
|
||||
int DeviceKey::generate_derived_key(const unsigned char *salt, size_t isalt_size, unsigned char *output,
|
||||
uint16_t ikey_type)
|
||||
{
|
||||
uint32_t key_buff[DEVICE_KEY_32BYTE / sizeof(uint32_t)];
|
||||
size_t actual_size = DEVICE_KEY_32BYTE;
|
||||
|
@ -135,8 +137,8 @@ int DeviceKey::read_key_from_nvstore(uint32_t *output, size_t& size)
|
|||
}
|
||||
|
||||
// Calculate CMAC functions - wrapper for mbedtls start/update and finish
|
||||
int DeviceKey::calc_cmac(const unsigned char *input, size_t isize, uint32_t *ikey_buff, int ikey_size,
|
||||
unsigned char *output)
|
||||
int DeviceKey::calculate_cmac(const unsigned char *input, size_t isize, uint32_t *ikey_buff, int ikey_size,
|
||||
unsigned char *output)
|
||||
{
|
||||
int ret;
|
||||
mbedtls_cipher_context_t ctx;
|
||||
|
@ -183,14 +185,14 @@ int DeviceKey::get_derived_key(uint32_t *ikey_buff, size_t ikey_size, const unsi
|
|||
unsigned char *double_size_salt = NULL;
|
||||
|
||||
if (DEVICE_KEY_16BYTE == ikey_type) {
|
||||
ret = calc_cmac(isalt, isalt_size, ikey_buff, ikey_size, output);
|
||||
ret = calculate_cmac(isalt, isalt_size, ikey_buff, ikey_size, output);
|
||||
if (DEVICEKEY_SUCCESS != ret) {
|
||||
goto finish;
|
||||
}
|
||||
}
|
||||
|
||||
if (DEVICE_KEY_32BYTE == ikey_type) {
|
||||
ret = this->calc_cmac(isalt, isalt_size, ikey_buff, ikey_size, output);
|
||||
ret = this->calculate_cmac(isalt, isalt_size, ikey_buff, ikey_size, output);
|
||||
if (DEVICEKEY_SUCCESS != ret) {
|
||||
goto finish;
|
||||
}
|
||||
|
@ -200,7 +202,7 @@ int DeviceKey::get_derived_key(uint32_t *ikey_buff, size_t ikey_size, const unsi
|
|||
memcpy(double_size_salt, isalt, isalt_size);
|
||||
memcpy(double_size_salt + isalt_size, isalt, isalt_size);
|
||||
|
||||
ret = this->calc_cmac(double_size_salt, isalt_size * 2, ikey_buff, ikey_size, output + 16);
|
||||
ret = this->calculate_cmac(double_size_salt, isalt_size * 2, ikey_buff, ikey_size, output + 16);
|
||||
}
|
||||
|
||||
finish:
|
||||
|
@ -247,6 +249,7 @@ int DeviceKey::generate_key_by_trng(uint32_t *output, size_t& size)
|
|||
|
||||
} // namespace mbed
|
||||
|
||||
#endif //NVSTORE_ENABLED
|
||||
#endif
|
||||
|
||||
|
||||
|
|
|
@ -20,6 +20,8 @@
|
|||
#include "stdint.h"
|
||||
#include "platform/NonCopyable.h"
|
||||
|
||||
#if (NVSTORE_ENABLED)
|
||||
|
||||
namespace mbed {
|
||||
/** \addtogroup drivers */
|
||||
|
||||
|
@ -44,8 +46,7 @@ enum DeviceKeyStatus {
|
|||
|
||||
/** Use this singleton if you need to derive a new key from the device root of trust.
|
||||
*
|
||||
*
|
||||
* @endcode
|
||||
* @note Synchronization level: Thread safe
|
||||
* @ingroup drivers
|
||||
*/
|
||||
|
||||
|
@ -69,7 +70,7 @@ public:
|
|||
return instance;
|
||||
}
|
||||
|
||||
virtual ~DeviceKey();
|
||||
~DeviceKey();
|
||||
|
||||
/** Derive a new key based on the salt string. key type can be with values 16 bytes and 32 bytes
|
||||
* @param isalt input buffer used to create the new key. Same input will generate always the same key
|
||||
|
@ -79,7 +80,7 @@ public:
|
|||
* @param ikey_type type of the required key. Type must be 16 bytes or 32 bytes.
|
||||
* @return 0 on success, negative error code on failure
|
||||
*/
|
||||
int device_key_derived_key(const unsigned char *isalt, size_t isalt_size, unsigned char *output, uint16_t ikey_type);
|
||||
int generate_derived_key(const unsigned char *isalt, size_t isalt_size, unsigned char *output, uint16_t ikey_type);
|
||||
|
||||
/** Set a device key into the NVStore. In case TRNG support is missing, Call this method
|
||||
* before calling device_key_derived_key. This method should be called only once!
|
||||
|
@ -101,7 +102,7 @@ private:
|
|||
* @param output buffer for the CMAC result.
|
||||
* @return 0 on success, negative error code on failure
|
||||
*/
|
||||
int calc_cmac(const unsigned char *input, size_t isize, uint32_t *ikey_buff, int ikey_size, unsigned char *output);
|
||||
int calculate_cmac(const unsigned char *input, size_t isize, uint32_t *ikey_buff, int ikey_size, unsigned char *output);
|
||||
|
||||
/** Read a device key from the NVStore
|
||||
* @param output buffer for the returned key.
|
||||
|
@ -145,4 +146,5 @@ private:
|
|||
|
||||
}
|
||||
|
||||
#endif //NVSTORE_ENABLED
|
||||
#endif
|
||||
|
|
Loading…
Reference in New Issue