Age | Commit message (Collapse) | Author |
|
Signed-off-by: Jun Nie <jun.nie@linaro.org>
|
|
Signed-off-by: Jun Nie <jun.nie@linaro.org>
|
|
Signed-off-by: Jun Nie <jun.nie@linaro.org>
|
|
Signed-off-by: Jun Nie <jun.nie@linaro.org>
|
|
When ACL test is running with login type is group, it fails to run
C_Initialize. Fix this by sending the correct group id.
Signed-off-by: Matthew(Sukyoung) Chae <matthewc@axis.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Since OP-TEE commit cda03b63cf30 ("Enable SHA-3 support by default") [1]
regression_6016 fails when OP-TEE OS is compiled for QEMUv8 with
"make CFG_ULIBS_SHARED=y CFG_WITH_PAGER=y":
* regression_6016 Storage concurency
o regression_6016.1 Storage id: 00000001
threads: 4, loops: 8
regression_6000.c:1784: xtest_teec_open_session(&arg[m].session, &storage_ta_uuid, ((void *)0), &orig) has an unexpected value: 0xffff000c = TEEC_ERROR_OUT_OF_MEMORY, expected 0x0 = TEEC_SUCCESS
Use 3 threads instead of 4 to reduce the memory footprint.
Link: [1] https://github.com/OP-TEE/optee_os/commit/cda03b63cf304472adce7688a07168f4c66af5c7
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
If the system under test is using the now deprecated binary SO PIN
('0x00', '0x01', '0x02' etc), change it to the new one automatically.
This is a compatibility patch to avoid failing any test on older
systems.
Tested on QEMUv8 by running "xtest -t pkcs11" once with optee_test at
commit c0a61722df36 ("regression 1013: lower number of loops when pager
is constrained"), in other words: before the SO PIN was changed, then a
second time with a build issued from this commit.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
xtest pkcs11_1003 shows the following warning:
o pkcs11_1003.3 Test C_Login()/C_Logout() with PIN based authentication
Do_ADBG_EndSubCase: Active SubCase "Test C_Login()/C_Logout() with PIN
based authentication" doesn't match supplied title
"Test C_Login()/C_Logout() with PIN based authorization"
Fix the second label.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
PKCS#11 PINs are UTF-8 character strings. The default SO PIN used in the
test suite contains a NUL, which causes issues with for example
pkcs11-tool which interprets the NUL byte as the end of the string, thus
making the slot impossible to use from the command line.
Therefore, and for better compatibility with command-line tools after
xtest has been run, use simpler (ASCII) values for both the SO and user
PINs.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
|
|
With the updated types for GP 1.3 TEE_ObjectInfo contains elements with
the type size_t. If xtest is built for AArch64 while the storage TA is
built for AArch32 the ABI will become incompatible. Fix this by adding
struct ta_storage_obj_info with fixed width integers only and use that
in the TA ABI used by xtest.
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
|
|
Decreases the number of loops tested in regression_1013 when test
level is 0 and OP-TEE embeds pager with a relatively small page pool
unless what the test can be very slow.
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Skips BGET test when OP-TEE embeds pager with a relatively small page
pool unless what test can be very slow. The reason is that freed
buffers have their content wiped and BGET test allocates quite a few
very big (MByte) paged buffers which content is long to clear when
operating with the pager.
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Check the version of the arm_ffa_user Kernel Driver and fail with a
meaningful message if incompatible driver is detected.
Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Updating arm-ffa-user to v5.0.1 to get the following changes:
- move to 64 bit direct messages
- add Linux Kernel v6.1 compatibility
The motivation is to update x-test to depend on the same driver
version as TS uefi-test and thus to enable running these in a single
configuration.
Note: arm_ffa_user.h was copied from:
- URL:https://git.gitlab.arm.com/linux-arm/linux-trusted-services.git
- SHA:18e3be71f65a405dfb5d97603ae71b3c11759861
Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Fixes type used to set Cryptoki attribute value cell size where an
explicit type is used whereas the referenced attribute local variable
could better be used for consistency of the implementation. By the way
this change also fixes an equivalent type size issue on memory allocation
in xtest_pkcs11_test_1001().
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
We should not call C_Finalize() through close_lib() until pkcs11 lib is
initialized.
Signed-off-by: Matthew(Sukyoung) Chae <matthewc@axis.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Fixes type used to store a CKA_VALUE_LEN attribute value, that is
CK_ULONG as per PKCS#11 specification, no uint32_t.
The issue was found on 64-bit xtest where
pkcs11_1000.c:3496: Expression "g_decrypt == CK_TRUE" (0 == 1) is false
pkcs11_1014.1 FAILED
Signed-off-by: rui guo <rui.guo@amlogic.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
The ION allocator is deprecated and not present in recent kernels.
Remove the code that uses it.
Tested on QEMUv8 with CFG_SECURE_DATA_PATH=n. Enabling SDP will
require a bit more work (use a toolchain with kernel headers recent
enough to have <linux/dma-heap.h>, and probably a few more things to
enable the SDP heap in the kernel), that is out of scope for this
commit.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
RISC-V instruction size is 32-bits, 0x0 triggers an illegal
instruction exception.
Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Commit b38e9e06fcbd ("xtest: pkcs11: add PKCS11 ACL auth test") split
init_{user_,}test_token() into init_{user_,}test_token_pin_auth() and
init_{user_,}token_acl_auth() but omitted to update a couple of call
sites. Fix them.
Fixes the following compile errors:
pkcs11_1000.c: In function ‘xtest_pkcs11_test_1026’:
pkcs11_1000.c:8537:7: error: implicit declaration of function ‘init_test_token’ [-Werror=implicit-function-declaration]
8537 | rv = init_test_token(slot);
| ^~~~~~~~~~~~~~~
pkcs11_1000.c:8537:7: error: nested extern declaration of ‘init_test_token’ [-Werror=nested-externs]
pkcs11_1000.c:8541:7: error: implicit declaration of function ‘init_user_test_token’; did you mean ‘init_user_test_token_acl_auth’? [-Werror=implicit-function-declaration]
8541 | rv = init_user_test_token(slot);
| ^~~~~~~~~~~~~~~~~~~~
| init_user_test_token_acl_auth
pkcs11_1000.c:8541:7: error: nested extern declaration of ‘init_user_test_token’ [-Werror=nested-externs]
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Commit b38e9e06fcbd ("xtest: pkcs11: add PKCS11 ACL auth test") added a
new parameter to init_lib_and_find_token_slot() but omitted to update
one call site. Fix that.
Fixes the following compile error:
pkcs11_1000.c: In function ‘xtest_pkcs11_test_1026’:
pkcs11_1000.c:8533:7: error: too few arguments to function ‘init_lib_and_find_token_slot’
8533 | rv = init_lib_and_find_token_slot(&slot);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
New PKCS11 test for TEE identity based authentication is added.
C_InitToken with null pointer creates protected authentication
path and then C_InitPin setup the ACL based user pin.
Once initialization is completed, the current connection is closed
and a new CKU_USER connection is opened. And then, login/logout test
with ACL authentication is performed.
Signed-off-by: Matthew(Sukyoung) Chae <matthewc@axis.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Use `bindir` and `libdir` as variables for installation
targets.
These variables names are defined by GNU coding standards [1].
Link: [1] https://www.gnu.org/prep/standards/html_node/Directory-Variables.html
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
|
|
Adds a comparison with a pre-calculated absolute value.
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Adds tests for TEE_BigIntExpMod().
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Adds a test for TEE_BigIntAssign().
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Adds tests for TEE_BigIntSetBit() and TEE_BigIntGetBit().
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Adds tests for TEE_BigIntAbs().
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Adds wrappers for TEE_BigIntSetBit(), TEE_BigIntAssign(),
TEE_BigIntAbs() and TEE_BigIntExpMod().
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Adds test for HMAC_SHA3_{224,256,384,512}.
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Extends regression case 6013 to test transforming a transient object
into a persistent object with TEE_CreatePersistentObject(). This is a
new feature in TEE Internal API v1.3 and is done by supplying a NULL
pointer instead of an output object pointer to
TEE_CreatePersistentObject().
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Adds tests for TEE_DigestExtract().
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Adds a wrapper for TEE_DigestExtract().
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Adds test for SHA3_{224,256,384,512} and SHAKE{128,256}. The SHAKE
algorithms are based on SHA-3 but instead of a fixed length output they
implement an Extendable Output Function (XOF). So the call to
TEE_DigestDoFinal() must set the expected size or we'll get more data
than the test vector expects.
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
For the cases where the algorithm TEE_ALG_RSAES_PKCS1_OAEP_MGF1_SHA1 is
used, add the optional parameter TEE_ATTR_RSA_OAEP_MGF_HASH with
TEE_ALG_SHA1 as argument.
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Update the test TAs and xtest to use a the lastest version, 1.3.1, of
TEE Internal Core API. This is basically a matter of replacing a few
uint32_t pointers with size_t pointers instead.
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Add a CI script to build and run xtest with QEMU on push and pull request.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Fixes the warning:
29659: pkcs11_1000.c: In function ‘test_rsa_aes_wrap’:
29660: pkcs11_1000.c:8249:51: error: format ‘%lu’ expects argument of type ‘long unsigned int’, but argument 5 has type ‘size_t’ {aka ‘unsigned int’} [-Werror=format=]
29661: 8249 | "Test RSA AES wrap/unwrap of %lu %s key with %lu RSA",
29662: | ~~^
29663: | |
29664: | long unsigned int
29665: | %u
29666: 8250 | target_bits, (t->target_type == CKK_AES) ? "AES" : "RSA",
29667: 8251 | t->key.modulus_len * 8);
29668: | ~~~~~~~~~~~~~~~~~~~~~~
29669: | |
29670: | size_t {aka unsigned int}
Fixes: 942159ad8611 ("xtest: pkcs11: Add test for RSA AES key wrap mechanism")
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Adds basic tests to exercise CKM_RSA_AES_KEY_WRAP operations:
* test wrap/unwrap of AES key:
- generate sample AES keys of different sizes
- wrap sample key using RSA public key
- unwrap sample key using RSA private key
* test wrap/unwrap of RSA private key:
- create sample RSA private key
- wrap sample key using RSA public key
- unwrap sample key using RSA private key
* test unwrapping of externally (by openssl) wrapped AES key
To speed up tests execution all tests avoid RSA keypairs generation, but
use pre-generated keypairs from the data header.
Signed-off-by: Sergiy Kibrik <Sergiy_Kibrik@epam.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
OP-TEE supports a debug method to dump user TA's runtime context
through stats PTA. The patch is to extend xtest to support it.
Tested-by: Weizhao Jiang <weizhaoj@amazon.com>
Signed-off-by: Weizhao Jiang <weizhaoj@amazon.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
For the "Pass array to a plugin" sub-case make the passed buffer in/out
since it's passed like that to in that TA with tee_invoke_supp_plugin().
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Adds missing dependency of supp_plugin test on libteec header files
that are brought in by libteec. The issue was reported by compiler with
the below build error message:
/tmp/optee/optee_test/host/supp_plugin/test_supp_plugin.c:12:10: fatal error: tee_plugin_method.h: No such file or directory
12 | #include <tee_plugin_method.h>
| ^~~~~~~~~~~~~~~~~~~~~
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
With the addition of regression_1039 tests, the compilation of subkey1
and subkey2 TAs is required in the Makefile for xtest to pass.
* regression_1039 Test subkey verification
o regression_1039.1 Load TA with two levels of subkeys
/usr/src/debug/optee-test/upstream.imx-r0/git/host/xtest/regression_1000.c:3206:xtest_teec_open_session(&session, &subkey1_ta_uuid, ((void *)0),&ret_orig) has an unexpected value: 0xffff0008 = TEEC_ERROR_ITEM_NOT_FOUND, expected 0x0 = TEEC_SUCCESS
regression_1039.1 FAILED
o regression_1039.2 Load TA with identity subkey
/usr/src/debug/optee-test/upstream.imx-r0/git/host/xtest/regression_1000.c:3213: xtest_teec_open_session(&session, &subkey2_ta_uuid, ((void *)0), &ret_orig) has an unexpected value: 0xffff0008 = TEEC_ERROR_ITEM_NOT_FOUND, expected 0x0 = TEEC_SUCCESS
regression_1039.2 FAILED
regression_1039 FAILED
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
The regression cases 4012-4016 indicates an unnecessary build-time
dependency on CFG_SYSTEM_PTA. So remove the ifdef.
The affected test cases (4012 and 4013) instead skip these tests if it
turns out that the system PTA isn't available.
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Removes the CFG_SYSTEM_PTA ifdef, the TA returns a useful error code
,TEE_ERROR_ITEM_NOT_FOUND, if the System PTA isn't available.
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Removes the unnecessary suffix _ed25519 for the regression test case
4016.
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Prior to this patch was the TEE_ATTR_EDDSA_PREHASH attribute initialized
incorrectly. To indicate Ed25519ph the a and b values should be 1, 0
respectively. Giving the values 0, 0 is the same as not supplying the
TEE_ATTR_EDDSA_PREHASH attribute at all. So fix this by setting the
values 1, 0 when supplied.
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
While the TEE Internal Core API in OP-TEE OS is updated, enable
compatibility with the last support version. This is done by compiling
xtest with __OPTEE_CORE_API_COMPAT_1_1=1 and including
<tee_api_compat.h> too. The TAs enable it with
CFG_TA_OPTEE_CORE_API_COMPAT_1_1==y in ta/ta_common.mk.
Backwards compatibility is enabled for the GP test suite TAs in the same
way, using a new patch.
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Add HMAC algorithms to hash-perf
Signed-off-by: yuzexi <yuzexi@hisilicon.com>
Reviewed-by: Xiaoxu Zeng <zengxiaoxu@huawei.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: wangyuan <wangyuan46@huawei.com>
|
|
Rename --sha-perf to --hash-perf and add SM3
Signed-off-by: yuzexi <yuzexi@hisilicon.com>
Reviewed-by: Xiaoxu Zeng <zengxiaoxu@huawei.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: wangyuan <wangyuan46@huawei.com>
|