15 #include "q_useful_buf.h"
16 #include "qcbor_util.h"
17 #include "t_cose_common.h"
18 #include "t_cose_mac0_verify.h"
19 #include "tfm_plat_crypto_keys.h"
22 #define SYMMETRIC_IAK_MAX_SIZE PSA_MAC_MAX_SIZE
32 struct q_useful_buf_c token)
34 enum t_cose_err_t t_cose_error;
37 int32_t t_cose_options = T_COSE_OPT_DECODE_ONLY;
38 struct t_cose_mac0_verify_ctx verify_ctx;
39 struct t_cose_key attest_key = T_COSE_NULL_KEY;
41 t_cose_mac0_verify_init(&verify_ctx, t_cose_options);
43 t_cose_mac0_set_verify_key(&verify_ctx, attest_key);
45 t_cose_error = t_cose_mac0_verify(&verify_ctx,
51 return_value = map_t_cose_errors(t_cose_error);
70 enum tfm_plat_err_t plat_res;
75 plat_res = tfm_plat_get_symmetric_iak(key_buf,
sizeof(key_buf),
77 if (plat_res != TFM_PLAT_ERR_SUCCESS) {
94 psa_set_key_algorithm(&key_attributes, key_alg);
98 psa_res =
psa_import_key(&key_attributes, key_buf, key_len, &key_handle);
103 *verify_key_handle = key_handle;
127 struct q_useful_buf_c token)
129 enum t_cose_err_t t_cose_error;
131 int32_t t_cose_options = 0;
132 struct t_cose_mac0_verify_ctx verify_ctx;
133 struct t_cose_key attest_key;
136 return_value = decode_register_verify_key(&key_handle);
142 t_cose_options |= T_COSE_OPT_ALLOW_SHORT_CIRCUIT;
145 t_cose_mac0_verify_init(&verify_ctx, t_cose_options);
147 attest_key.crypto_lib = T_COSE_CRYPTO_LIB_PSA;
148 attest_key.k.key_handle = (uint64_t)key_handle;
149 t_cose_mac0_set_verify_key(&verify_ctx, attest_key);
151 t_cose_error = t_cose_mac0_verify(&verify_ctx,
156 return_value = map_t_cose_errors(t_cose_error);
159 decode_unregister_verify_key(key_handle);
enum attest_token_err_t last_error
Attestation Token Decoding Interface.
Platform Security Architecture cryptography module.
#define PSA_ALG_HMAC(hash_alg)
#define PSA_KEY_ATTRIBUTES_INIT
enum attest_token_err_t attest_token_decode_validate_token(struct attest_token_decode_context *me, struct q_useful_buf_c token)
Set the token to work on and validate its signature.
#define SYMMETRIC_IAK_MAX_SIZE
uint32_t psa_algorithm_t
Encoding of a cryptographic algorithm.
#define PSA_KEY_USAGE_VERIFY
#define PSA_KEY_TYPE_HMAC
#define TOKEN_OPT_SHORT_CIRCUIT_SIGN
struct q_useful_buf_c payload
int32_t psa_status_t
Function return status.