Add checks ,initialization,remove unneeded code and files license update

2019-02-13 18:15:41 +02:00 · 2019-02-13 18:15:41 +02:00 · 4101ee92df
parent 080f4f4e69
commit 4101ee92df
8 changed files with 40 additions and 36 deletions
--- a/TESTS/psa/attestation/main.cpp
+++ b/TESTS/psa/attestation/main.cpp
@ -1,5 +1,5 @@
 /*
-* Copyright (c) 2018 ARM Limited. All rights reserved.
+* Copyright (c) 2019 ARM Limited. All rights reserved.
 *
 * SPDX-License-Identifier: Apache-2.0
 *
@ -83,11 +83,7 @@ static void check_initial_attestation_get_token()
    uint8_t exported[sizeof(public_key_data)];
    enum psa_attest_err_t attest_err = PSA_ATTEST_ERR_SUCCESS;
    uint32_t token_size;
-    const psa_key_id_t key_id = 17;
-    psa_key_handle_t handle = 0;
-    status = psa_crypto_init();
-    status = psa_open_key(PSA_KEY_LIFETIME_PERSISTENT, key_id, &handle);
-    status = psa_destroy_key(handle);
+
    status = psa_attestation_inject_key(private_key_data,
                                        sizeof(private_key_data),
                                        PSA_KEY_TYPE_ECC_KEYPAIR(PSA_ECC_CURVE_SECP256R1),
@ -119,7 +115,7 @@ utest::v1::status_t case_teardown_handler(const Case *const source, const size_t
    psa_key_handle_t handle = 0;
    psa_open_key(PSA_KEY_LIFETIME_PERSISTENT, key_id, &handle);
    psa_destroy_key(handle);
-    // mbedtls_psa_cr/ypto_free();
+    mbedtls_psa_crypto_free();
    return greentea_case_teardown_handler(source, passed, failed, reason);
 }

--- a/components/TARGET_PSA/inc/psa/psa_attest_inject_key.h
+++ b/components/TARGET_PSA/inc/psa/psa_attest_inject_key.h
@ -16,13 +16,6 @@
 * limitations under the License.
 */

-/***************************************************************************/
-/*                             DRAFT UNDER REVIEW                          */
-/*   These APIs are still evolving and are meant as a prototype for review.*/
-/*   The APIs will change depending on feedback and will be firmed up      */
-/*   to a stable set of APIs once all the feedback has been considered.    */
-/***************************************************************************/
-
 #ifndef __PSA_INJECT_KEY_H__
 #define __PSA_INJECT_KEY_H__

--- a/components/TARGET_PSA/services/attestation/COMPONENT_PSA_SRV_EMUL/psa_initial_attestation_api.c
+++ b/components/TARGET_PSA/services/attestation/COMPONENT_PSA_SRV_EMUL/psa_initial_attestation_api.c
@ -65,10 +65,6 @@ psa_initial_attest_get_token_size(uint32_t  challenge_size,
    psa_outvec out_vec[1] = { { token_size, sizeof(*token_size) } };

    err = initial_attest_get_token_size(in_vec, 1, out_vec, 1);
-    if (err != PSA_ATTEST_ERR_SUCCESS)
-    {
-        return err;
-    }

    return err;
 }
--- a/components/TARGET_PSA/services/attestation/COMPONENT_PSA_SRV_IMPL/attest_boot_status_loader.c
+++ b/components/TARGET_PSA/services/attestation/COMPONENT_PSA_SRV_IMPL/attest_boot_status_loader.c
@ -22,20 +22,21 @@
 #include "attestation_bootloader_data.h"
 #include "tfm_boot_status.h"

+/*!
+ * \def SHARED_DATA_INITIALZED and SHARED_DATA_UNNITIALZED
+ *
+ * \brief Indicates that shared data was already initialized.
+ */
+#define SHARED_DATA_UNNITIALZED  (0u)
+#define SHARED_DATA_INITIALZED   (1u)
+
 /*!
 * \var shared_data_init_done
 *
 * \brief Indicates whether shared data area was already initialized.
 *
 */
-static uint32_t shared_data_init_done;
-
-/*!
- * \def SHARED_DATA_INITIALZED
- *
- * \brief Indicates that shared data was already initialized.
- */
-#define SHARED_DATA_INITIALZED   (1u)
+static uint32_t shared_data_init_done = SHARED_DATA_UNNITIALZED;

 enum psa_attest_err_t
 attest_get_boot_data(uint8_t major_type, void *ptr, uint32_t len) {
@ -61,12 +62,10 @@ attest_get_boot_data(uint8_t major_type, void *ptr, uint32_t len) {
    if (len < SHARED_DATA_HEADER_SIZE)
    {
        return PSA_ATTEST_ERR_INIT_FAILED;
-    } else
-    {
-        ptr_tlv_header = (struct shared_data_tlv_header *)ptr;
-        ptr_tlv_header->tlv_magic   = SHARED_DATA_TLV_INFO_MAGIC;
-        ptr_tlv_header->tlv_tot_len = SHARED_DATA_HEADER_SIZE;
    }
+    ptr_tlv_header = (struct shared_data_tlv_header *)ptr;
+    ptr_tlv_header->tlv_magic   = SHARED_DATA_TLV_INFO_MAGIC;
+    ptr_tlv_header->tlv_tot_len = SHARED_DATA_HEADER_SIZE;

    ptr += SHARED_DATA_HEADER_SIZE;
    /* Iterates over the TLV section and copy TLVs with requested major
@ -79,6 +78,9 @@ attest_get_boot_data(uint8_t major_type, void *ptr, uint32_t len) {
            memcpy(ptr, (const void *)tlv_entry, tlv_entry->tlv_len);
            ptr += tlv_entry->tlv_len;
            ptr_tlv_header->tlv_tot_len += tlv_entry->tlv_len;
+            if (len < ptr_tlv_header->tlv_tot_len) {
+                return PSA_ATTEST_ERR_INIT_FAILED;
+            }
        }
    }

--- a/components/TARGET_PSA/services/attestation/COMPONENT_PSA_SRV_IMPL/attest_crypto.c
+++ b/components/TARGET_PSA/services/attestation/COMPONENT_PSA_SRV_IMPL/attest_crypto.c
@ -22,9 +22,10 @@
 #include "tfm_plat_crypto_keys.h"
 #include <string.h>

-static psa_hash_operation_t hash_handle;
 #define PSA_ATTESTATION_PRIVATE_KEY_ID 17

+static psa_hash_operation_t hash_handle = {0};
+
 enum t_cose_err_t
 t_cose_crypto_pub_key_sign(int32_t cose_alg_id,
                           int32_t key_select,
@ -84,7 +85,7 @@ t_cose_crypto_get_ec_pub_key(int32_t key_select,
    enum tfm_plat_err_t err;
    enum ecc_curve_t cose_curve;
    struct ecc_key_t attest_key = {0};
-    uint8_t  key_buf[ECC_P_256_KEY_SIZE];
+    uint8_t key_buf[ECC_P_256_KEY_SIZE] = {0};

    (void)key_select;

--- a/components/TARGET_PSA/services/attestation/COMPONENT_PSA_SRV_IPC/psa_attest_inject_key.c
+++ b/components/TARGET_PSA/services/attestation/COMPONENT_PSA_SRV_IPC/psa_attest_inject_key.c
@ -38,7 +38,7 @@ psa_attestation_inject_key(const uint8_t *key_data,

    in_vec[0] = (psa_invec) {
        &type,
-        sizeof(psa_key_type_t)
+        sizeof(type)
    };
    in_vec[1] = (psa_invec) {
        key_data, key_data_length
--- a/components/TARGET_PSA/services/attestation/COMPONENT_PSA_SRV_IPC/psa_initial_attestation_api.c
+++ b/components/TARGET_PSA/services/attestation/COMPONENT_PSA_SRV_IPC/psa_initial_attestation_api.c
@ -50,8 +50,6 @@ psa_initial_attest_get_token(const uint8_t *challenge_obj,
        err_call = PSA_ATTEST_ERR_GENERAL;
    }

-    *token_size = out_vec[0].len;
-
    return ((enum psa_attest_err_t) err_call);
 }

--- a/components/TARGET_PSA/services/attestation/COMPONENT_SPE/psa_attestation_partition.c
+++ b/components/TARGET_PSA/services/attestation/COMPONENT_SPE/psa_attestation_partition.c
@ -1,3 +1,21 @@
+/*
+* Copyright (c) 2018-2019 ARM Limited. All rights reserved.
+*
+* SPDX-License-Identifier: Apache-2.0
+*
+* Licensed under the Apache License, Version 2.0 (the License); you may
+* not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an AS IS BASIS, WITHOUT
+* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
 // ---------------------------------- Includes ---------------------------------
 #include "psa/service.h"
 #include "psa/client.h"