TF-M Reference Manual  1.2.0
TrustedFirmware-M
tfm_initial_attestation_ipc_api.c
1 /*
2  * Copyright (c) 2018-2020, Arm Limited. All rights reserved.
3  *
4  * SPDX-License-Identifier: BSD-3-Clause
5  *
6  */
7 
9 #include "tfm_ns_interface.h"
10 #include "psa/client.h"
11 #include "psa/crypto_types.h"
12 #include "psa_manifest/sid.h"
13 
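/*
 * Number of elements in the iovec array x.
 *
 * The count handed to psa_call() is derived from the array itself, so it
 * cannot drift from the initializer. Only valid on a true array: applied to
 * a pointer (or an array parameter, which decays to one) it silently yields
 * a wrong count. The argument is parenthesized before indexing so that an
 * expression argument expands as intended.
 */
#define IOVEC_LEN(x) (sizeof(x) / sizeof((x)[0]))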
15 
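/**
 * \brief Get the initial attestation token through the PSA IPC client API.
 *
 * Connects to the token service, forwards the challenge as the single input
 * vector and the token buffer as the single output vector, then closes the
 * connection.
 *
 * \param[in]  auth_challenge  Challenge bytes sent to the service.
 * \param[in]  challenge_size  Length of \p auth_challenge in bytes.
 * \param[out] token_buf       Buffer the service writes the token into.
 * \param[in]  token_buf_size  Capacity of \p token_buf in bytes; this is the
 *                             only bound on the write that this function
 *                             passes to the service.
 * \param[out] token_size      Set to the length reported in the output vector,
 *                             and only when the call returns PSA_SUCCESS.
 *                             Dereferenced on success, so it must not be NULL.
 *
 * \return PSA_HANDLE_TO_ERROR(handle) if the connection could not be
 *         established, otherwise the status returned by psa_call().
 *
 * \note Nothing is validated on this side: pointers and sizes are forwarded
 *       unchanged. Range and NULL checks are presumably done by the service;
 *       confirm against the service implementation. Callers must check the
 *       return value before reading \p token_size or \p token_buf, because
 *       \p token_size is left untouched on failure.
 */
psa_status_t
psa_initial_attest_get_token(const uint8_t *auth_challenge,
                             size_t challenge_size,
                             uint8_t *token_buf,
                             size_t token_buf_size,
                             size_t *token_size)
{
    psa_handle_t handle = PSA_NULL_HANDLE;
    psa_status_t status;

    psa_invec in_vec[] = {
        {auth_challenge, challenge_size}
    };
    psa_outvec out_vec[] = {
        {token_buf, token_buf_size}
    };

    /*
     * NOTE(review): the rendered listing dropped the hyperlinked lines (return
     * type, handle declaration, connect call); they are restored here from the
     * signatures and macros in the page's cross-reference list.
     */
    handle = psa_connect(TFM_ATTEST_GET_TOKEN_SID,
                         TFM_ATTEST_GET_TOKEN_VERSION);
    if (!PSA_HANDLE_IS_VALID(handle)) {
        /* No connection was opened, so there is nothing to close. */
        return PSA_HANDLE_TO_ERROR(handle);
    }

    status = psa_call(handle, PSA_IPC_CALL,
                      in_vec, IOVEC_LEN(in_vec),
                      out_vec, IOVEC_LEN(out_vec));
    /* Close on success and on failure so the connection is never leaked. */
    psa_close(handle);

    if (status == PSA_SUCCESS) {
        /* The token length is taken from the len field of the output vector. */
        *token_size = out_vec[0].len;
    }

    return status;
}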
50 
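/**
 * \brief Get the exact size of the initial attestation token in bytes,
 *        through the PSA IPC client API.
 *
 * Connects to the token-size service, sends \p challenge_size by value as the
 * single input vector, and passes \p token_size as the output buffer.
 *
 * \param[in]  challenge_size  Challenge length the token would be built for.
 * \param[out] token_size      Passed to the service as an output vector of
 *                             sizeof(size_t) bytes. This function never writes
 *                             it itself, so its content after a failed call
 *                             should not be relied on.
 *
 * \return PSA_HANDLE_TO_ERROR(handle) if the connection could not be
 *         established, otherwise the status returned by psa_call().
 *
 * \note \p token_size is forwarded without a NULL check. Size a token buffer
 *       from it only after checking for PSA_SUCCESS.
 */
psa_status_t
psa_initial_attest_get_token_size(size_t challenge_size,
                                  size_t *token_size)
{
    psa_handle_t handle = PSA_NULL_HANDLE;
    psa_status_t status;
    psa_invec in_vec[] = {
        {&challenge_size, sizeof(challenge_size)}
    };
    psa_outvec out_vec[] = {
        {token_size, sizeof(size_t)}
    };

    /*
     * NOTE(review): the rendered listing dropped the hyperlinked lines (return
     * type, handle declaration, connect call); they are restored here from the
     * signatures and macros in the page's cross-reference list.
     */
    handle = psa_connect(TFM_ATTEST_GET_TOKEN_SIZE_SID,
                         TFM_ATTEST_GET_TOKEN_SIZE_VERSION);
    if (!PSA_HANDLE_IS_VALID(handle)) {
        /* No connection was opened, so there is nothing to close. */
        return PSA_HANDLE_TO_ERROR(handle);
    }

    status = psa_call(handle, PSA_IPC_CALL,
                      in_vec, IOVEC_LEN(in_vec),
                      out_vec, IOVEC_LEN(out_vec));
    /* Close on success and on failure so the connection is never leaked. */
    psa_close(handle);

    return status;
}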
77 
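/**
 * \brief Get the initial attestation public key through the PSA IPC client
 *        API.
 *
 * Connects to the public-key service and makes a call with no input vectors
 * and three output vectors.
 *
 * \param[out] public_key           Buffer the service writes the key into.
 * \param[in]  public_key_buf_size  Capacity of \p public_key in bytes; this is
 *                                  the only bound on the write that this
 *                                  function passes to the service.
 * \param[out] public_key_len       Passed as an output vector of
 *                                  sizeof(*public_key_len) bytes.
 * \param[out] elliptic_curve_type  Passed as an output vector of
 *                                  sizeof(*elliptic_curve_type) bytes.
 *
 * \return PSA_HANDLE_TO_ERROR(handle) if the connection could not be
 *         established, otherwise the status returned by psa_call().
 *
 * \note This function never writes the three outputs itself and forwards the
 *       pointers without NULL checks. Use the key, its length and the curve
 *       type only after checking for PSA_SUCCESS.
 */
psa_status_t
tfm_initial_attest_get_public_key(uint8_t *public_key,
                                  size_t public_key_buf_size,
                                  size_t *public_key_len,
                                  psa_ecc_family_t *elliptic_curve_type)
{
    psa_handle_t handle = PSA_NULL_HANDLE;
    psa_status_t status;

    /*
     * Vector order is key, curve type, key length, which differs from the
     * parameter order. Presumably the service indexes its output vectors in
     * this order; confirm against the service before reordering.
     */
    psa_outvec out_vec[] = {
        {.base = public_key, .len = public_key_buf_size},
        {.base = elliptic_curve_type, .len = sizeof(*elliptic_curve_type)},
        {.base = public_key_len, .len = sizeof(*public_key_len)}
    };

    /*
     * NOTE(review): the rendered listing dropped the hyperlinked lines (start
     * of the signature, handle declaration, connect call); they are restored
     * here from the signatures and macros in the page's cross-reference list.
     */
    handle = psa_connect(TFM_ATTEST_GET_PUBLIC_KEY_SID,
                         TFM_ATTEST_GET_PUBLIC_KEY_VERSION);
    if (!PSA_HANDLE_IS_VALID(handle)) {
        /* No connection was opened, so there is nothing to close. */
        return PSA_HANDLE_TO_ERROR(handle);
    }

    status = psa_call(handle, PSA_IPC_CALL,
                      NULL, 0,
                      out_vec, IOVEC_LEN(out_vec));
    /* Close on success and on failure so the connection is never leaked. */
    psa_close(handle);

    return status;
}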
#define TFM_ATTEST_GET_PUBLIC_KEY_VERSION
Definition: sid.h:57
psa_status_t tfm_initial_attest_get_public_key(uint8_t *public_key, size_t public_key_buf_size, size_t *public_key_len, psa_ecc_family_t *elliptic_curve_type)
Get the initial attestation public key.
void * base
Definition: client.h:75
#define TFM_ATTEST_GET_TOKEN_VERSION
Definition: sid.h:53
#define PSA_SUCCESS
Definition: crypto_values.h:35
PSA cryptography module: type aliases.
void psa_close(psa_handle_t handle)
Close a connection to an RoT Service.
Definition: psa_client.c:63
#define TFM_ATTEST_GET_TOKEN_SIZE_SID
Definition: sid.h:54
psa_status_t psa_initial_attest_get_token(const uint8_t *auth_challenge, size_t challenge_size, uint8_t *token_buf, size_t token_buf_size, size_t *token_size)
Get initial attestation token.
psa_handle_t psa_connect(uint32_t sid, uint32_t version)
Connect to an RoT Service by its SID.
Definition: psa_client.c:30
#define PSA_HANDLE_IS_VALID(handle)
Definition: client.h:43
#define PSA_HANDLE_TO_ERROR(handle)
Definition: client.h:49
#define TFM_ATTEST_GET_TOKEN_SIZE_VERSION
Definition: sid.h:55
#define PSA_NULL_HANDLE
Definition: client.h:38
size_t len
Definition: client.h:76
int32_t psa_handle_t
Definition: client.h:61
#define TFM_ATTEST_GET_PUBLIC_KEY_SID
Definition: sid.h:56
#define TFM_ATTEST_GET_TOKEN_SID
Definition: sid.h:52
#define PSA_IPC_CALL
Definition: client.h:59
uint8_t psa_ecc_family_t
Definition: crypto_types.h:69
int32_t psa_status_t
Function return status.
Definition: crypto_types.h:43
psa_status_t psa_call(psa_handle_t handle, int32_t type, const psa_invec *in_vec, size_t in_len, psa_outvec *out_vec, size_t out_len)
Call an RoT Service on an established connection.
Definition: psa_client.c:47
#define IOVEC_LEN(x)
psa_status_t psa_initial_attest_get_token_size(size_t challenge_size, size_t *token_size)
Get the exact size of initial attestation token in bytes.