/****************************************************************************
* apps/testing/setest/setest.c
*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright ownership. The
* ASF licenses this file to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance with the
* License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations
* under the License.
*
****************************************************************************/
/* Copyright 2023 NXP */
/****************************************************************************
* Included Files
****************************************************************************/
#include <fcntl.h>
#include <libgen.h>
#include <nuttx/crypto/se05x.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/ioctl.h>
/****************************************************************************
* Pre-processor Definitions
****************************************************************************/
#define DEFAULT_SETTINGS \
{ \
.se05x_dev = default_se05x_device, .skip_process = FALSE, \
.base_id = 0x230000 \
}
/****************************************************************************
* Private Types
****************************************************************************/
struct settings_t
{
FAR char *se05x_dev;
bool skip_process;
uint32_t base_id;
};
/****************************************************************************
* Private Data
****************************************************************************/
static char default_se05x_device[] = "/dev/se05x";
/****************************************************************************
* Private Functions
****************************************************************************/
static void print_usage(FAR FILE *f, char *prg)
{
fprintf(f, "%s - Secure Element Test\n", prg);
fprintf(f, "\nUsage: %s [options] <secure element device>\n", prg);
fprintf(f, "Options:\n");
fprintf(f, " -b <id> (use base address <id>\n");
fprintf(f, " default = 0x230000)\n");
}
static int parse_arguments(int argc, FAR char *argv[],
FAR struct settings_t *settings)
{
int result = 0;
int opt;
FAR char *prg = basename(argv[0]);
while (((opt = getopt(argc, argv, "b:h")) != -1) && (result == 0))
{
switch (opt)
{
case 'b':
settings->base_id = (uint32_t)strtoul(optarg, NULL, 0);
break;
case 'h':
print_usage(stdout, prg);
settings->skip_process = TRUE;
break;
default:
print_usage(stderr, prg);
result = -EINVAL;
break;
}
}
if ((result == 0) && (!settings->skip_process))
{
settings->se05x_dev = default_se05x_device;
/* if device is specified as positional argument */
if (optind != argc)
{
settings->se05x_dev = argv[optind];
}
}
return result;
}
static uint32_t get_se05x_id(FAR struct settings_t *settings, uint32_t id)
{
return settings->base_id + id;
}
static void print_result(bool success)
{
if (success)
{
puts(" SUCCESS");
}
else
{
puts(" FAIL");
}
}
static int invert_result(int result)
{
return result != 0 ? 0 : -1;
}
static int run_tests(int fd, FAR struct settings_t *settings)
{
int result = 0;
puts("Setup");
for (uint32_t id = get_se05x_id(settings, 1);
id < get_se05x_id(settings, 5); id++)
{
/* result is neglected because already empty entries result with
* errors
*/
(void)ioctl(fd, SEIOC_DELETE_KEY, id);
}
puts("Generate 3 keypairs");
for (uint32_t id = get_se05x_id(settings, 1);
(id < get_se05x_id(settings, 4)) && (result == 0); id++)
{
struct se05x_generate_keypair_s args = {
.id = id, .cipher = SE05X_ASYM_CIPHER_EC_NIST_P_256
};
result = ioctl(fd, SEIOC_GENERATE_KEYPAIR, &args);
}
print_result(result == 0);
uint8_t public_key[300];
size_t public_key_size;
if (result == 0)
{
puts("Read from pub #1");
struct se05x_key_transmission_s args = {
.entry = {.id = get_se05x_id(settings, 1),
.cipher = SE05X_ASYM_CIPHER_EC_NIST_P_256},
.content = {.buffer = public_key,
.buffer_size = sizeof(public_key)}
};
result = ioctl(fd, SEIOC_GET_KEY, &args);
public_key_size = args.content.buffer_content_size;
print_result(result == 0);
}
if (result == 0)
{
puts("Write to pub #4");
struct se05x_key_transmission_s args = {
.entry = {.id = get_se05x_id(settings, 4),
.cipher = SE05X_ASYM_CIPHER_EC_NIST_P_256},
.content = {.buffer = public_key,
.buffer_size = public_key_size,
.buffer_content_size = public_key_size}
};
result = ioctl(fd, SEIOC_SET_KEY, &args);
print_result(result == 0);
}
uint8_t hash[32] = {
0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10,
11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21,
22, 23, 24, 25, 26, 27, 28, 29, 30, 31
};
uint8_t signature[300];
size_t signature_content_size;
if (result == 0)
{
puts("Create signature with priv #1");
struct se05x_signature_s args = {
.key_id = get_se05x_id(settings, 1),
.algorithm = SE05X_ALGORITHM_SHA256,
.tbs = {.buffer = hash,
.buffer_size = sizeof(hash),
.buffer_content_size = sizeof(hash)},
.signature = {.buffer = signature,
.buffer_size = sizeof(signature)},
};
result = ioctl(fd, SEIOC_CREATE_SIGNATURE, &args);
signature_content_size = args.signature.buffer_content_size;
print_result(result == 0);
}
if (result == 0)
{
puts("Verify signature with pub #4");
struct se05x_signature_s args = {
.key_id = get_se05x_id(settings, 4),
.algorithm = SE05X_ALGORITHM_SHA256,
.tbs = {.buffer = hash,
.buffer_size = sizeof(hash),
.buffer_content_size = sizeof(hash)},
.signature = {.buffer = signature,
.buffer_content_size = signature_content_size},
};
result = ioctl(fd, SEIOC_VERIFY_SIGNATURE, &args);
print_result(result == 0);
}
if (result == 0)
{
puts("Verification of signature with pub #2 should be dissapproved");
struct se05x_signature_s args = {
.key_id = get_se05x_id(settings, 2),
.algorithm = SE05X_ALGORITHM_SHA256,
.tbs = {.buffer = hash, .buffer_size = sizeof(hash)},
.signature = {.buffer = signature,
.buffer_content_size = signature_content_size},
};
result = invert_result(ioctl(fd, SEIOC_VERIFY_SIGNATURE, &args));
print_result(result == 0);
}
uint8_t symm_key_a[32];
if (result == 0)
{
puts("Derive symm key #a from priv #1 and pub #2");
struct se05x_derive_key_s args = {
.private_key_id = get_se05x_id(settings, 1),
.public_key_id = get_se05x_id(settings, 2),
.content = {.buffer = symm_key_a,
.buffer_size = sizeof(symm_key_a)},
};
result = ioctl(fd, SEIOC_DERIVE_SYMM_KEY, &args);
print_result(result == 0);
}
uint8_t symm_key_b[32];
if (result == 0)
{
puts("Derive symm key #b from priv #2 and pub #1");
struct se05x_derive_key_s args = {
.private_key_id = get_se05x_id(settings, 2),
.public_key_id = get_se05x_id(settings, 1),
.content = {.buffer = symm_key_b,
.buffer_size = sizeof(symm_key_b)},
};
result = ioctl(fd, SEIOC_DERIVE_SYMM_KEY, &args);
print_result(result == 0);
}
uint8_t symm_key_c[32];
if (result == 0)
{
puts("Derive symm key #c from priv #1 and pub #3");
struct se05x_derive_key_s args = {
.private_key_id = get_se05x_id(settings, 1),
.public_key_id = get_se05x_id(settings, 3),
.content = {.buffer = symm_key_c,
.buffer_size = sizeof(symm_key_c)},
};
result = ioctl(fd, SEIOC_DERIVE_SYMM_KEY, &args);
print_result(result == 0);
}
if (result == 0)
{
puts("Symm key #a and #b should be equal");
result = memcmp(symm_key_a, symm_key_b, sizeof(symm_key_a));
print_result(result == 0);
}
if (result == 0)
{
puts("Symm key #a and #c should be different");
result =
invert_result(memcmp(symm_key_a, symm_key_c, sizeof(symm_key_a)));
print_result(result == 0);
}
if (result == 0)
{
puts("All tests succeeded!\n");
}
return result;
}
/****************************************************************************
* Public Functions
****************************************************************************/
int main(int argc, FAR char *argv[])
{
struct settings_t settings = DEFAULT_SETTINGS;
int result = parse_arguments(argc, argv, &settings);
int fd;
if ((result == 0) && (!settings.skip_process))
{
fd = open(settings.se05x_dev, O_RDONLY);
if (fd == -1)
{
result = -ENODEV;
}
else
{
run_tests(fd, &settings);
close(fd);
}
}
if (result != 0)
{
fprintf(stderr, "err %i: %s\n", -result, strerror(-result));
}
return result == 0 ? EXIT_SUCCESS : EXIT_FAILURE;
}