TF-M Reference Manual  1.2.0
TrustedFirmware-M
 All Data Structures Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
tfm_attest_secure_api.c
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2018-2020, Arm Limited. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  *
6  */
7 
9 #include "psa/client.h"
10 #include "tfm_veneers.h"
11 #include "tfm_memory_utils.h"
12 #include "tfm_secure_api.h"
13 #ifdef TFM_PSA_API
14 #include "psa_manifest/sid.h"
15 #endif
16 #include <string.h>
17 
18 #define IOVEC_LEN(x) (sizeof(x)/sizeof(x[0]))
19 
20 __attribute__((section("SFN")))
22 psa_initial_attest_get_token(const uint8_t *auth_challenge,
23  size_t challenge_size,
24  uint8_t *token_buf,
25  size_t token_buf_size,
26  size_t *token_size)
27 {
28  psa_status_t status;
29  psa_invec in_vec[] = {
30  {auth_challenge, challenge_size}
31  };
32  psa_outvec out_vec[] = {
33  {token_buf, token_buf_size}
34  };
35 
36 #ifdef TFM_PSA_API
40  if (!PSA_HANDLE_IS_VALID(handle)) {
41  return PSA_HANDLE_TO_ERROR(handle);
42  }
43 
44  status = psa_call(handle, PSA_IPC_CALL,
45  in_vec, IOVEC_LEN(in_vec),
46  out_vec, IOVEC_LEN(out_vec));
47  psa_close(handle);
48 #else
49  status = tfm_initial_attest_get_token_veneer(in_vec, IOVEC_LEN(in_vec),
50  out_vec, IOVEC_LEN(out_vec));
51 #endif
52  if (status == PSA_SUCCESS) {
53  *token_size = out_vec[0].len;
54  }
55 
56  return status;
57 }
58 
59 __attribute__((section("SFN")))
61 psa_initial_attest_get_token_size(size_t challenge_size,
62  size_t *token_size)
63 {
64  psa_status_t status;
65  psa_invec in_vec[] = {
66  {&challenge_size, sizeof(challenge_size) }
67  };
68  psa_outvec out_vec[] = {
69  {token_size, sizeof(size_t)}
70  };
71 
72 #ifdef TFM_PSA_API
76  if (!PSA_HANDLE_IS_VALID(handle)) {
77  return PSA_HANDLE_TO_ERROR(handle);
78  }
79 
80  status = psa_call(handle, PSA_IPC_CALL,
81  in_vec, IOVEC_LEN(in_vec),
82  out_vec, IOVEC_LEN(out_vec));
83  psa_close(handle);
84 #else
85 
86  status = tfm_initial_attest_get_token_size_veneer(in_vec, IOVEC_LEN(in_vec),
87  out_vec, IOVEC_LEN(out_vec));
88 #endif
89 
90  return status;
91 }
92 
93 __attribute__((section("SFN")))
96  size_t public_key_buf_size,
97  size_t *public_key_len,
98  psa_ecc_family_t *elliptic_curve_type)
99 {
100  psa_status_t status;
101 
102  psa_outvec out_vec[] = {
103  {.base = public_key, .len = public_key_buf_size},
104  {.base = elliptic_curve_type, .len = sizeof(*elliptic_curve_type)},
105  {.base = public_key_len, .len = sizeof(*public_key_len)}
106  };
107 
108 #ifdef TFM_PSA_API
109  psa_handle_t handle = PSA_NULL_HANDLE;
110 
113  if (!PSA_HANDLE_IS_VALID(handle)) {
114  return PSA_HANDLE_TO_ERROR(handle);
115  }
116 
117  status = psa_call(handle, PSA_IPC_CALL,
118  NULL, 0,
119  out_vec, IOVEC_LEN(out_vec));
120  psa_close(handle);
121 #else
122  status = tfm_initial_attest_get_public_key_veneer(NULL, 0,
123  out_vec, IOVEC_LEN(out_vec));
124 #endif
125 
126  return status;
127 }
#define TFM_ATTEST_GET_PUBLIC_KEY_VERSION
Definition: sid.h:57
void * base
Definition: client.h:75
#define TFM_ATTEST_GET_TOKEN_VERSION
Definition: sid.h:53
#define PSA_SUCCESS
Definition: crypto_values.h:35
void psa_close(psa_handle_t handle)
Close a connection to an RoT Service.
Definition: psa_client.c:63
#define TFM_ATTEST_GET_TOKEN_SIZE_SID
Definition: sid.h:54
psa_handle_t psa_connect(uint32_t sid, uint32_t version)
Connect to an RoT Service by its SID.
Definition: psa_client.c:30
#define PSA_HANDLE_IS_VALID(handle)
Definition: client.h:43
#define PSA_HANDLE_TO_ERROR(handle)
Definition: client.h:49
#define TFM_ATTEST_GET_TOKEN_SIZE_VERSION
Definition: sid.h:55
psa_status_t psa_initial_attest_get_token_size(size_t challenge_size, size_t *token_size)
Get the exact size of initial attestation token in bytes.
psa_status_t psa_initial_attest_get_token(const uint8_t *auth_challenge, size_t challenge_size, uint8_t *token_buf, size_t token_buf_size, size_t *token_size)
Get initial attestation token.
#define PSA_NULL_HANDLE
Definition: client.h:38
size_t len
Definition: client.h:76
int32_t psa_handle_t
Definition: client.h:61
#define TFM_ATTEST_GET_PUBLIC_KEY_SID
Definition: sid.h:56
psa_status_t tfm_initial_attest_get_public_key(uint8_t *public_key, size_t public_key_buf_size, size_t *public_key_len, psa_ecc_family_t *elliptic_curve_type)
Get the initial attestation public key.
#define TFM_ATTEST_GET_TOKEN_SID
Definition: sid.h:52
#define PSA_IPC_CALL
Definition: client.h:59
uint8_t psa_ecc_family_t
Definition: crypto_types.h:69
int32_t psa_status_t
Function return status.
Definition: crypto_types.h:43
psa_status_t psa_call(psa_handle_t handle, int32_t type, const psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len)
Call an RoT Service on an established connection.
Definition: psa_client.c:47
#define IOVEC_LEN(x)