Attest: Extend attestation API to get public key
Add new function to the attestation APIs (PSA and SPM) to be able to
extract the public part of the initial attestation key pair.
Change-Id: I46cfc4045972eb039326f5053f37d21b5ead0b2f
Signed-off-by: David Vincze <david.vincze@arm.com>
diff --git a/interface/include/psa/initial_attestation.h b/interface/include/psa/initial_attestation.h
index f5ef7e5..6a7b8d8 100644
--- a/interface/include/psa/initial_attestation.h
+++ b/interface/include/psa/initial_attestation.h
@@ -17,6 +17,8 @@
#include <limits.h>
#include <stdint.h>
+#include <stddef.h>
+#include "psa/crypto.h"
#ifdef __cplusplus
extern "C" {
@@ -217,6 +219,26 @@
psa_initial_attest_get_token_size(uint32_t challenge_size,
uint32_t *token_size);
+/**
+ * \brief Get the initial attestation public key.
+ *
+ * \param[out] public_key Pointer to the buffer where the public key
+ * will be stored.
+ * \param[in] key_buf_size Size of allocated buffer for key, in bytes.
+ * \param[out] public_key_len Size of public key in bytes.
+ * \param[out] public_key_curve Type of the elliptic curve which the key
+ * belongs to.
+ *
+ * \note Currently only the ECDSA P-256 over SHA-256 algorithm is supported.
+ *
+ * \return Returns error code as specified in \ref psa_attest_err_t
+ */
+enum psa_attest_err_t
+tfm_initial_attest_get_public_key(uint8_t *public_key,
+ size_t public_key_buf_size,
+ size_t *public_key_len,
+ psa_ecc_curve_t *elliptic_curve_type);
+
#ifdef __cplusplus
}
#endif