crypto-client test: implement the first IPC call for psa_crypto_init()

This commit implements the first useful IPC communication between
the client and the server. The implemented command is simple,
psa_crypto_init(), and its return value is sent back to the client.

Note: the newly added file psa_functions_codes.h is temporary
and it's probably the one that needs to be automatically
generated by a python script to support all crypto functions.

Signed-off-by: Valerio Setti <valerio.setti@nordicsemi.no>

tests/psa-client-server/psasim/include/psa/client.h

@@ -15,7 +15,9 @@ extern "C" {
 #include <stdint.h>
 #include <stddef.h>
 
-#include "psa/error.h"
+#include "psa/crypto.h"
+
+#include "psa/error_ext.h"
 /*********************** PSA Client Macros and Types *************************/
 
 #define PSA_FRAMEWORK_VERSION  (0x0100)

tests/psa-client-server/psasim/include/psa/common.h

@@ -27,7 +27,6 @@
 
 #define NON_SECURE (1 << 30)
 
-typedef int32_t psa_status_t;
 typedef int32_t psa_handle_t;
 
 #define PSA_MAX_IOVEC (4u)

tests/psa-client-server/psasim/include/psa/error.h

@@ -1,38 +0,0 @@
-/* PSA status codes used by psasim. */
-
-/*
- *  Copyright The Mbed TLS Contributors
- *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
- */
-
-#ifndef PSA_ERROR_H
-#define PSA_ERROR_H
-
-#include <stdint.h>
-
-#include "psa/common.h"
-
-#define PSA_SUCCESS                     ((psa_status_t) 0)
-
-#define PSA_ERROR_PROGRAMMER_ERROR      ((psa_status_t) -129)
-#define PSA_ERROR_CONNECTION_REFUSED    ((psa_status_t) -130)
-#define PSA_ERROR_CONNECTION_BUSY       ((psa_status_t) -131)
-#define PSA_ERROR_GENERIC_ERROR         ((psa_status_t) -132)
-#define PSA_ERROR_NOT_PERMITTED         ((psa_status_t) -133)
-#define PSA_ERROR_NOT_SUPPORTED         ((psa_status_t) -134)
-#define PSA_ERROR_INVALID_ARGUMENT      ((psa_status_t) -135)
-#define PSA_ERROR_INVALID_HANDLE        ((psa_status_t) -136)
-#define PSA_ERROR_BAD_STATE             ((psa_status_t) -137)
-#define PSA_ERROR_BUFFER_TOO_SMALL      ((psa_status_t) -138)
-#define PSA_ERROR_ALREADY_EXISTS        ((psa_status_t) -139)
-#define PSA_ERROR_DOES_NOT_EXIST        ((psa_status_t) -140)
-#define PSA_ERROR_INSUFFICIENT_MEMORY   ((psa_status_t) -141)
-#define PSA_ERROR_INSUFFICIENT_STORAGE  ((psa_status_t) -142)
-#define PSA_ERROR_INSUFFICIENT_DATA     ((psa_status_t) -143)
-#define PSA_ERROR_SERVICE_FAILURE       ((psa_status_t) -144)
-#define PSA_ERROR_COMMUNICATION_FAILURE ((psa_status_t) -145)
-#define PSA_ERROR_STORAGE_FAILURE       ((psa_status_t) -146)
-#define PSA_ERROR_HARDWARE_FAILURE      ((psa_status_t) -147)
-#define PSA_ERROR_INVALID_SIGNATURE     ((psa_status_t) -149)
-
-#endif

tests/psa-client-server/psasim/include/psa/error_ext.h

@@ -0,0 +1,19 @@
+/* PSA status codes used by psasim. */
+
+/*
+ *  Copyright The Mbed TLS Contributors
+ *  SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
+ */
+
+#ifndef PSA_ERROR_H
+#define PSA_ERROR_H
+
+#include <stdint.h>
+
+#include "psa/common.h"
+
+#define PSA_ERROR_PROGRAMMER_ERROR      ((psa_status_t) -129)
+#define PSA_ERROR_CONNECTION_REFUSED    ((psa_status_t) -130)
+#define PSA_ERROR_CONNECTION_BUSY       ((psa_status_t) -131)
+
+#endif

tests/psa-client-server/psasim/include/psa/service.h

@@ -17,6 +17,8 @@ extern "C" {
 
 #include "psa/common.h"
 
+#include "psa/crypto.h"
+
 /********************** PSA Secure Partition Macros and Types ****************/
 
 /* PSA wait timeouts */

tests/psa-client-server/psasim/src/Makefile

@@ -1,4 +1,6 @@
-INCLUDE = -I../include/
+# Here I'm picking also libpsaclient/include because I just need it for the
+# psa/crypto.h include. libpsaserver would have worked the same.
+INCLUDE = -I../include/ -I../../../libpsaclient/include
 PSA_LIB = libpsaff.a
 
 PSA_LIB_OBJS = client.o service.o

tests/psa-client-server/psasim/src/client.c

@@ -19,7 +19,7 @@
 
 #include "psa/client.h"
 #include "psa/common.h"
-#include "psa/error.h"
+#include "psa/error_ext.h"
 #include "psa/util.h"
 
 typedef struct internal_handle {

tests/psa-client-server/psasim/src/service.c

@@ -18,7 +18,7 @@
 
 #include "psa/service.h"
 #include "psasim/init.h"
-#include "psa/error.h"
+#include "psa/error_ext.h"
 #include "psa/common.h"
 #include "psa/util.h"
 

tests/psa-client-server/psasim/test/Makefile

@@ -26,10 +26,10 @@ PARTITION_SERVER_BOOTSTRAP = psa_ff_bootstrap_TEST_PARTITION.c
 all: $(TEST_BIN)
 
 psa_client: client.c $(GENERATED_H_FILES)
-	$(CC) $(COMMON_INCLUDE) $(LIBPSACLIENT_H) $(CFLAGS) $< $(LIBPSASIM) $(LIBPSACLIENT) -o $@
+	$(CC) $(COMMON_INCLUDE) $(LIBPSACLIENT_H) $(CFLAGS) $< $(LIBPSASIM) $(LIBPSACLIENT) $(LDFLAGS) -o $@
 
 psa_partition: $(PARTITION_SERVER_BOOTSTRAP) $(GENERATED_H_FILES)
-	$(CC) $(COMMON_INCLUDE) $(LIBPSASERVER_H) $(CFLAGS) $< $(LIBPSASIM) $(LIBPSASERVER) -o $@
+	$(CC) $(COMMON_INCLUDE) $(LIBPSASERVER_H) $(CFLAGS) $< $(LIBPSASIM) $(LIBPSASERVER) $(LDFLAGS) -o $@
 
 $(PARTITION_SERVER_BOOTSTRAP) $(GENERATED_H_FILES): manifest.json server.c
 	../tools/psa_autogen.py $<

tests/psa-client-server/psasim/test/client.c

@@ -8,11 +8,15 @@
 #include <stdio.h>
 #include <unistd.h>
 
+/* Includes from psasim */
 #include <psa/client.h>
 #include <psa/util.h>
 #include "psa_manifest/sid.h"
+#include "psa_functions_codes.h"
 
+/* Includes from mbedtls */
 #include "mbedtls/version.h"
+#include "psa/crypto.h"
 
 #define CLIENT_PRINT(fmt, ...) \
     PRINT("Client: " fmt, ##__VA_ARGS__)
@@ -20,8 +24,9 @@
 int main()
 {
     char mbedtls_version[18];
-    const char *text = "FOOBARCOOL!!";
-    char output[100] = { 0 };
+    // psa_invec invecs[1];
+    // psa_outvec outvecs[1];
+    psa_status_t status;
 
     mbedtls_version_get_string_full(mbedtls_version);
     CLIENT_PRINT("%s", mbedtls_version);
@@ -34,23 +39,16 @@ int main()
     if (h < 0) {
         CLIENT_PRINT("Couldn't connect %d", h);
         return 1;
-    } else {
-        int type = 2;
-        CLIENT_PRINT("psa_call() w/o invec returned: %d", psa_call(h, type, NULL, 0, NULL, 0));
-        psa_invec invecs[1];
-        psa_outvec outvecs[1];
-        invecs[0].base = text;
-        invecs[0].len = sizeof(text);
-        outvecs[0].base = output;
-        outvecs[0].len = sizeof(output);
-
-        CLIENT_PRINT("invec len: %lu", invecs[0].len);
-        CLIENT_PRINT("psa_call() w/ invec returned: %d", psa_call(h, type, invecs, 1, outvecs, 1));
-        CLIENT_PRINT("Received payload len: %ld", outvecs[0].len);
-        CLIENT_PRINT("Received payload content: %s", output);
-        CLIENT_PRINT("Closing handle");
-        psa_close(h);
     }
 
+    status = psa_call(h, PSA_CRYPTO_INIT, NULL, 0, NULL, 0);
+    CLIENT_PRINT("PSA_CRYPTO_INIT returned: %d", status);
+
+    CLIENT_PRINT("Closing handle");
+    psa_close(h);
+
+    if (status != PSA_SUCCESS) {
+        return 1;
+    }
     return 0;
 }

tests/psa-client-server/psasim/test/manifest.json

@@ -3,14 +3,14 @@
    "name":"TEST_PARTITION",
    "type":"PSA-ROT",
    "priority":"LOW",
-   "entry_point":"psa_sha256_main",
+   "entry_point":"psa_server_main",
    "stack_size":"0x400",
    "heap_size":"0x100",
    "services":[
       {
          "name":"PSA_SID_SHA256",
          "sid":"0x0000F000",
-         "signal":"PSA_SHA256",
+         "signal":"PSA_CRYPTO",
          "non_secure_clients": "true",
          "minor_version":1,
          "minor_policy":"STRICT"

tests/psa-client-server/psasim/test/psa_functions_codes.h

@@ -0,0 +1,9 @@
+#ifndef _PSA_FUNCTIONS_CODES_H_
+#define  _PSA_FUNCTIONS_CODES_H_
+
+enum {
+    PSA_CRYPTO_INIT = 0x00,
+    /* Add other PSA functions here */
+};
+
+#endif /*  _PSA_FUNCTIONS_CODES_H_ */

tests/psa-client-server/psasim/test/run_test.sh

@@ -11,7 +11,10 @@
 
 set -e
 
+cd "$(dirname "$0")"
+
 function clean_run() {
+    rm -f psa_notify_*
     pkill psa_partition || true
     pkill psa_client || true
     ipcs | grep q | awk '{ printf " -q " $$2 }' | xargs ipcrm > /dev/null 2>&1 || true
@@ -21,7 +24,7 @@ function clean_run() {
 # event as signal that the server is ready so that we can start client(s).
 function wait_for_server_startup() {
     while [ ! -f ./psa_notify_* ]; do
-    sleep 0.1
+        sleep 0.1
     done
 }
 

tests/psa-client-server/psasim/test/server.c

@@ -8,12 +8,16 @@
 #include <unistd.h>
 #include <stdio.h>
 
+/* Includes from psasim */
 #include "psa/service.h"
-#include "psa/error.h"
+#include "psa/error_ext.h"
 #include "psa/util.h"
 #include "psa_manifest/manifest.h"
+#include "psa_functions_codes.h"
 
+/* Includes from mbedtls */
 #include "mbedtls/version.h"
+#include "psa/crypto.h"
 
 #define SERVER_PRINT(fmt, ...) \
     PRINT("Server: " fmt, ##__VA_ARGS__)
@@ -38,11 +42,10 @@ void parse_input_args(int argc, char *argv[])
     }
 }
 
-int psa_sha256_main(int argc, char *argv[])
+int psa_server_main(int argc, char *argv[])
 {
     psa_status_t ret = PSA_ERROR_PROGRAMMER_ERROR;
     psa_msg_t msg = { -1 };
-    char foo[BUF_SIZE] = { 0 };
     const int magic_num = 66;
     int client_disconnected = 0;
     char mbedtls_version[18];
@@ -60,10 +63,9 @@ int psa_sha256_main(int argc, char *argv[])
             SERVER_PRINT("Signals: 0x%08x", signals);
         }
 
-        if (signals & PSA_SHA256_SIGNAL) {
-            if (PSA_SUCCESS == psa_get(PSA_SHA256_SIGNAL, &msg)) {
-                SERVER_PRINT("My handle is %d", msg.handle);
-                SERVER_PRINT("My rhandle is %p", (int *) msg.rhandle);
+        if (signals & PSA_CRYPTO_SIGNAL) {
+            if (PSA_SUCCESS == psa_get(PSA_CRYPTO_SIGNAL, &msg)) {
+                SERVER_PRINT("handle: %d - rhandle: %p", msg.handle, (int *) msg.rhandle);
                 switch (msg.type) {
                     case PSA_IPC_CONNECT:
                         SERVER_PRINT("Got a connection message");
@@ -75,34 +77,23 @@ int psa_sha256_main(int argc, char *argv[])
                         ret = PSA_SUCCESS;
                         client_disconnected = 1;
                         break;
-
                     default:
                         SERVER_PRINT("Got an IPC call of type %d", msg.type);
-                        ret = 42;
-                        size_t size = msg.in_size[0];
-
-                        if ((size > 0) && (size <= sizeof(foo))) {
-                            psa_read(msg.handle, 0, foo, 6);
-                            foo[(BUF_SIZE-1)] = '\0';
-                            SERVER_PRINT("Reading payload: %s", foo);
-                            psa_read(msg.handle, 0, foo+6, 6);
-                            foo[(BUF_SIZE-1)] = '\0';
-                            SERVER_PRINT("Reading payload: %s", foo);
-                        }
-
-                        size = msg.out_size[0];
-                        if ((size > 0)) {
-                            SERVER_PRINT("Writing response");
-                            psa_write(msg.handle, 0, "RESP", 4);
-                            psa_write(msg.handle, 0, "ONSE", 4);
+                        switch (msg.type) {
+                            case PSA_CRYPTO_INIT:
+                                ret = psa_crypto_init();
+                                break;
+                            default:
+                                SERVER_PRINT("Unknown PSA function code");
+                                break;
                         }
+                        SERVER_PRINT("Internal function call returned %d", ret);
 
                         if (msg.client_id > 0) {
                             psa_notify(msg.client_id);
                         } else {
                             SERVER_PRINT("Client is non-secure, so won't notify");
                         }
-
                 }
 
                 psa_reply(msg.handle, ret);

tests/scripts/all.sh

@@ -6213,7 +6213,7 @@ component_test_psasim() {
     make -C tests/psa-client-server/psasim CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS"
 
     msg "test psasim"
-    make -C tests/psa-client-server/psasim run
+    tests/psa-client-server/psasim/test/run_test.sh
 
     msg "clean psasim"
     make -C tests/psa-client-server/psasim clean