TF-M Reference Manual  1.2.0
TrustedFirmware-M
 All Data Structures Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
attest_public_key.c
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  *
6  */
7 
8 #include "attest_public_key.h"
9 #include "psa/crypto.h"
10 #include <stdint.h>
11 #include "attest.h"
12 
19 #define ECC_CURVE_SECP256R1_PUBLIC_KEY_LENGTH (1 + 2 * PSA_BITS_TO_BYTES(256))
20 
26  const uint8_t a;
27  uint8_t public_key[]; /* X-coordinate || Y-coordinate */
28 };
29 
36 static uint32_t public_key_registered = 0;
37 
40 {
41  psa_status_t res;
42  psa_key_attributes_t key_attributes = psa_key_attributes_init();
43  uint8_t public_key_buff[ECC_CURVE_SECP256R1_PUBLIC_KEY_LENGTH] = {0};
44  size_t public_key_len;
45  psa_ecc_family_t ecc_curve;
46 
47  /* Public key should be unregistered at this point */
48  if (public_key_registered != 0) {
50  }
51 
52  res = tfm_initial_attest_get_public_key(public_key_buff,
53  sizeof(public_key_buff),
54  &public_key_len,
55  &ecc_curve);
56  if (res != PSA_SUCCESS) {
58  }
59 
60  /* Setup the key usage flags, algorithm and key type for public key */
61  psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_VERIFY);
62  psa_set_key_algorithm(&key_attributes, PSA_ALG_ECDSA(PSA_ALG_SHA_256));
63  psa_set_key_type(&key_attributes, PSA_KEY_TYPE_ECC_PUBLIC_KEY(ecc_curve));
64 
65  /* Register public key to Crypto service */
66  res = psa_import_key(&key_attributes,
67  (const uint8_t *)&public_key_buff,
68  public_key_len,
69  public_key);
70 
71  if (res != PSA_SUCCESS) {
73  }
74 
75  public_key_registered = 1;
76 
78 }
79 
82 {
83  psa_status_t crypto_res;
84 
85  if (public_key_registered != 1) {
87  }
88 
89  crypto_res = psa_destroy_key(public_key);
90  if (crypto_res != PSA_SUCCESS) {
92  }
93  public_key_registered = 0;
94 
96 }
psa_status_t tfm_initial_attest_get_public_key(uint8_t *public_key, size_t public_key_buf_size, size_t *public_key_len, psa_ecc_family_t *elliptic_curve_type)
Get the initial attestation public key.
#define PSA_SUCCESS
Definition: crypto_values.h:35
Platform Security Architecture cryptography module.
psa_attest_err_t
Initial attestation service error types.
Definition: attest.h:25
#define ECC_CURVE_SECP256R1_PUBLIC_KEY_LENGTH
Calculates the size of ECC public key in bytes based on the bit size of the curve.
#define PSA_ALG_SHA_256
#define psa_import_key
Definition: crypto_spe.h:57
#define PSA_KEY_TYPE_ECC_PUBLIC_KEY(curve)
#define PSA_KEY_USAGE_VERIFY
Definition: crypto_compat.h:71
_unsigned_integral_type_ psa_key_handle_t
Key handle.
Definition: crypto.h:35
#define PSA_ALG_ECDSA(hash_alg)
#define psa_destroy_key
Definition: crypto_spe.h:59
enum psa_attest_err_t attest_register_initial_attestation_public_key(psa_key_handle_t *public_key)
Register the initial attestation public key to Crypto service to verify the signature of the token...
uint8_t psa_ecc_family_t
Definition: crypto_types.h:69
enum psa_attest_err_t attest_unregister_initial_attestation_public_key(psa_key_handle_t public_key)
Unregister the initial attestation public key from Crypto service to do not occupy key slot...
int32_t psa_status_t
Function return status.
Definition: crypto_types.h:43