Attest: Remove security epoch
The concept of a security epoch was removed from the
PSA Attestation specification.
Change-Id: I12c17e6679d7ba961c0605eb0ccc6f21aa7c2176
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
diff --git a/bl2/include/tfm_boot_status.h b/bl2/include/tfm_boot_status.h
index f31743b..3ee807f 100644
--- a/bl2/include/tfm_boot_status.h
+++ b/bl2/include/tfm_boot_status.h
@@ -78,7 +78,7 @@
/* Bits: 0-2 */
#define SW_VERSION 0x00
#define SW_SIGNER_ID 0x01
-#define SW_EPOCH 0x02
+/* Reserved 0x02 */
#define SW_TYPE 0x03
/* Bits: 3-5 */
#define SW_MEASURE_VALUE 0x08
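Review bot: The replacement comment `/* Reserved 0x02 */` does not say what the value was reserved for, so a later change could reassign it. A BL2 built before this commit wrote a TLV with this minor value into the shared area (the removed `boot_save_sw_epoch`), so if BL2 and the secure image can be updated independently, reusing 0x02 could make the attestation service misread old boot data. How the service's `switch (tlv_id)` now treats 0x02 depends on a default branch that is not visible in this diff. I would write `/* 0x02: reserved, formerly SW_EPOCH (security epoch); do not reuse */`. The same applies to `/* Reserved (3) */` in attest_eat_defines.h, where reusing CBOR key 3 would change how verifiers interpret the token, and to `/* Reserved: 2 */` in attest_token_decode.h.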
@@ -101,7 +101,6 @@
#define TLV_MINOR_IAS_BL2_MEASURE_TYPE ((SW_BL2 << 6) | SW_MEASURE_TYPE)
#define TLV_MINOR_IAS_BL2_VERSION ((SW_BL2 << 6) | SW_VERSION)
#define TLV_MINOR_IAS_BL2_SIGNER_ID ((SW_BL2 << 6) | SW_SIGNER_ID)
-#define TLV_MINOR_IAS_BL2_EPOCH ((SW_BL2 << 6) | SW_EPOCH)
#define TLV_MINOR_IAS_BL2_TYPE ((SW_BL2 << 6) | SW_TYPE)
/* PROT: PSA Root of Trust */
@@ -109,7 +108,6 @@
#define TLV_MINOR_IAS_PROT_MEASURE_TYPE ((SW_PROT << 6) | SW_MEASURE_TYPE)
#define TLV_MINOR_IAS_PROT_VERSION ((SW_PROT << 6) | SW_VERSION)
#define TLV_MINOR_IAS_PROT_SIGNER_ID ((SW_PROT << 6) | SW_SIGNER_ID)
-#define TLV_MINOR_IAS_PROT_EPOCH ((SW_PROT << 6) | SW_EPOCH)
#define TLV_MINOR_IAS_PROT_TYPE ((SW_PROT << 6) | SW_TYPE)
/* AROT: Application Root of Trust */
@@ -117,7 +115,6 @@
#define TLV_MINOR_IAS_AROT_MEASURE_TYPE ((SW_AROT << 6) | SW_MEASURE_TYPE)
#define TLV_MINOR_IAS_AROT_VERSION ((SW_AROT << 6) | SW_VERSION)
#define TLV_MINOR_IAS_AROT_SIGNER_ID ((SW_AROT << 6) | SW_SIGNER_ID)
-#define TLV_MINOR_IAS_AROT_EPOCH ((SW_AROT << 6) | SW_EPOCH)
#define TLV_MINOR_IAS_AROT_TYPE ((SW_AROT << 6) | SW_TYPE)
/* Non-secure processing environment - single non-secure image */
@@ -125,7 +122,6 @@
#define TLV_MINOR_IAS_NSPE_MEASURE_TYPE ((SW_NSPE << 6) | SW_MEASURE_TYPE)
#define TLV_MINOR_IAS_NSPE_VERSION ((SW_NSPE << 6) | SW_VERSION)
#define TLV_MINOR_IAS_NSPE_SIGNER_ID ((SW_NSPE << 6) | SW_SIGNER_ID)
-#define TLV_MINOR_IAS_NSPE_EPOCH ((SW_NSPE << 6) | SW_EPOCH)
#define TLV_MINOR_IAS_NSPE_TYPE ((SW_NSPE << 6) | SW_TYPE)
/* Secure processing environment (ARoT + PRoT) - single secure image */
@@ -133,7 +129,6 @@
#define TLV_MINOR_IAS_SPE_MEASURE_TYPE ((SW_SPE << 6) | SW_MEASURE_TYPE)
#define TLV_MINOR_IAS_SPE_VERSION ((SW_SPE << 6) | SW_VERSION)
#define TLV_MINOR_IAS_SPE_SIGNER_ID ((SW_SPE << 6) | SW_SIGNER_ID)
-#define TLV_MINOR_IAS_SPE_EPOCH ((SW_SPE << 6) | SW_EPOCH)
#define TLV_MINOR_IAS_SPE_TYPE ((SW_SPE << 6) | SW_TYPE)
/* SPE + NSPE - combined secure and non-secure image */
@@ -141,7 +136,6 @@
#define TLV_MINOR_IAS_S_NS_MEASURE_TYPE ((SW_S_NS << 6) | SW_MEASURE_TYPE)
#define TLV_MINOR_IAS_S_NS_VERSION ((SW_S_NS << 6) | SW_VERSION)
#define TLV_MINOR_IAS_S_NS_SIGNER_ID ((SW_S_NS << 6) | SW_SIGNER_ID)
-#define TLV_MINOR_IAS_S_NS_EPOCH ((SW_S_NS << 6) | SW_EPOCH)
#define TLV_MINOR_IAS_S_NS_TYPE ((SW_S_NS << 6) | SW_TYPE)
/* General macros to handle TLV type */
diff --git a/bl2/src/boot_record.c b/bl2/src/boot_record.c
index fa592d2..625da32 100644
--- a/bl2/src/boot_record.c
+++ b/bl2/src/boot_record.c
@@ -146,37 +146,6 @@
}
/*!
- * \brief Add the security epoch counter of SW component to the shared
- * memory area
- *
- * \param[in] sw_module Identifier of the SW component
- *
- * \return Returns error code as specified in \ref boot_status_err_t
- */
-static enum boot_status_err_t
-boot_save_sw_epoch(uint8_t sw_module)
-{
- /*FixMe: Epoch does not exist in the current MCUBoot image manifest. Use a
- * hard coded value for now.
- */
- uint32_t epoch = 0;
- uint16_t ias_minor;
- enum shared_memory_err_t res;
-
- /* Add the security epoch counter of the SW components to the shared data */
- ias_minor = SET_IAS_MINOR(sw_module, SW_EPOCH);
- res = boot_add_data_to_shared_area(TLV_MAJOR_IAS,
- ias_minor,
- sizeof(epoch),
- (const uint8_t *)&epoch);
- if (res) {
- return BOOT_STATUS_ERROR;
- }
-
- return BOOT_STATUS_OK;
-}
-
-/*!
* \brief Add a type identifier(short test name) of SW component to the shared
* memory area
*
@@ -341,11 +310,6 @@
return res;
}
- res = boot_save_sw_epoch(sw_module);
- if (res) {
- return res;
- }
-
res = boot_save_sw_measurements(sw_module, hdr, fap);
if (res) {
return res;
diff --git a/docs/user_guides/services/tfm_attestation_integration_guide.rst b/docs/user_guides/services/tfm_attestation_integration_guide.rst
index 983d627..32dd586 100644
--- a/docs/user_guides/services/tfm_attestation_integration_guide.rst
+++ b/docs/user_guides/services/tfm_attestation_integration_guide.rst
@@ -89,9 +89,6 @@
component in memory at start-up time. The value must be a cryptographic
hash of 256 bits or stronger. Value is encoded as byte string.
- - **Security epoch**: Optional claim. It represents the security control
- point of the software component. Value is encoded as unsigned integer.
-
- **Version**: Optional claim. It represents the issued software
version. Value is encoded as text string.
diff --git a/interface/include/psa/initial_attestation.h b/interface/include/psa/initial_attestation.h
index 133c6dd..f5ef7e5 100644
--- a/interface/include/psa/initial_attestation.h
+++ b/interface/include/psa/initial_attestation.h
@@ -159,10 +159,6 @@
* cryptographic hash of 256 bits or stronger.Value is
* encoded as byte string.
*
- * - Security epoch: Optional claim. It represents the security control
- * point of the software component. Value is encoded as
- * unsigned integer.
- *
* - Version: Optional claim. It represents the issued software version.
* Value is encoded as text string.
*
diff --git a/secure_fw/services/initial_attestation/attest_eat_defines.h b/secure_fw/services/initial_attestation/attest_eat_defines.h
index fca1fb3..01a4dc2 100644
--- a/secure_fw/services/initial_attestation/attest_eat_defines.h
+++ b/secure_fw/services/initial_attestation/attest_eat_defines.h
@@ -27,7 +27,7 @@
#define EAT_CBOR_SW_COMPONENT_MEASUREMENT_TYPE (1)
#define EAT_CBOR_SW_COMPONENT_MEASUREMENT_VALUE (2)
-#define EAT_CBOR_SW_COMPONENT_SECURITY_EPOCH (3)
+/* Reserved (3) */
#define EAT_CBOR_SW_COMPONENT_VERSION (4)
#define EAT_CBOR_SW_COMPONENT_SIGNER_ID (5)
#define EAT_CBOR_SW_COMPONENT_MEASUREMENT_DESC (6)
diff --git a/secure_fw/services/initial_attestation/attestation_core.c b/secure_fw/services/initial_attestation/attestation_core.c
index fecf9d8..be5da2c 100644
--- a/secure_fw/services/initial_attestation/attestation_core.c
+++ b/secure_fw/services/initial_attestation/attestation_core.c
@@ -245,9 +245,6 @@
uint8_t tlv_id,
const struct q_useful_buf_c *claim_value)
{
- int32_t res;
- uint32_t value;
-
switch (tlv_id) {
case SW_MEASURE_VALUE:
attest_token_add_bstr(token_ctx,
@@ -269,15 +266,6 @@
EAT_CBOR_SW_COMPONENT_SIGNER_ID,
claim_value);
break;
- case SW_EPOCH:
- res = get_uint(claim_value->ptr, claim_value->len, &value);
- if (res) {
- return PSA_ATTEST_ERR_GENERAL;
- }
- attest_token_add_integer(token_ctx,
- EAT_CBOR_SW_COMPONENT_SECURITY_EPOCH,
- (int64_t)value);
- break;
case SW_TYPE:
attest_token_add_tstr(token_ctx,
EAT_CBOR_SW_COMPONENT_MEASUREMENT_TYPE,
diff --git a/test/suites/attestation/attest_token_decode.c b/test/suites/attestation/attest_token_decode.c
index d4145d7..ffb2a6f 100644
--- a/test/suites/attestation/attest_token_decode.c
+++ b/test/suites/attestation/attest_token_decode.c
@@ -615,19 +615,6 @@
CLAIM_PRESENT_BIT(SW_MEASURMENT_VAL_FLAG);
break;
- case EAT_CBOR_SW_COMPONENT_SECURITY_EPOCH:
- if(claim_item.uDataType != QCBOR_TYPE_INT64) {
- return_value = ATTETST_TOKEN_ERR_CBOR_TYPE;
- goto Done;
- }
- if(claim_item.val.int64 < UINT32_MAX &&
- claim_item.val.int64 > 0) {
- sw_component->epoch = (uint32_t)claim_item.val.int64;
- sw_component->item_flags |=
- CLAIM_PRESENT_BIT(SW_EPOCH_FLAG);
- }
- break;
-
case EAT_CBOR_SW_COMPONENT_VERSION:
if(claim_item.uDataType != QCBOR_TYPE_TEXT_STRING) {
return_value = ATTETST_TOKEN_ERR_CBOR_TYPE;
diff --git a/test/suites/attestation/attest_token_decode.h b/test/suites/attestation/attest_token_decode.h
index ab7a36d..258fdbe 100644
--- a/test/suites/attestation/attest_token_decode.h
+++ b/test/suites/attestation/attest_token_decode.h
@@ -485,7 +485,7 @@
enum attest_token_sw_index_t {
SW_MEASUREMENT_TYPE_FLAG = 0,
SW_MEASURMENT_VAL_FLAG = 1,
- SW_EPOCH_FLAG = 2,
+ /* Reserved: 2 */
SW_VERSION_FLAG = 3,
SW_SIGNER_ID_FLAG = 5,
SW_MEASUREMENT_DESC_FLAG = 6,
@@ -503,7 +503,6 @@
struct attest_token_sw_component_t {
struct q_useful_buf_c measurement_type; /* text string */
struct q_useful_buf_c measurement_val; /* binary string */
- uint32_t epoch;
struct q_useful_buf_c version; /* text string */
struct q_useful_buf_c signer_id; /* binary string */
struct q_useful_buf_c measurement_desc; /* text string */
diff --git a/test/suites/attestation/attest_token_test.c b/test/suites/attestation/attest_token_test.c
index 731f24c..f1dbc52 100644
--- a/test/suites/attestation/attest_token_test.c
+++ b/test/suites/attestation/attest_token_test.c
@@ -547,25 +547,6 @@
}
}
- /* -- Check first epoch -- */
- if(!IS_ITEM_FLAG_SET(SW_EPOCH_FLAG, sw_component->item_flags)) {
- /* Claim is not present in token */
- if(TOKEN_TEST_REQUIRE_SWC1_EPOCH) {
- /* It should have been present */
- return_value = -104;
- goto Done;
- }
- } else {
- /* Claim is present */
- /* Don't have to check if its presence is required */
- if(TOKEN_TEST_VALUE_SWC1_EPOCH != INT32_MAX &&
- sw_component->epoch != TOKEN_TEST_VALUE_SWC1_EPOCH) {
- /* Check of its value was requested and failed */
- return_value = -105;
- goto Done;
- }
- }
-
/* -- Check first version -- */
if(!IS_ITEM_FLAG_SET(SW_VERSION_FLAG, sw_component->item_flags)) {
/* Claim is not present in token */
@@ -712,25 +693,6 @@
}
}
- /* -- Check second epoch -- */
- if(!IS_ITEM_FLAG_SET(SW_EPOCH_FLAG, sw_component->item_flags)) {
- /* Claim is not present in token */
- if(TOKEN_TEST_REQUIRE_SWC2_EPOCH) {
- /* It should have been present */
- return_value = -104;
- goto Done;
- }
- } else {
- /* Claim is present */
- /* Don't have to check if its presence is required */
- if(TOKEN_TEST_VALUE_SWC2_EPOCH != INT32_MAX &&
- sw_component->epoch != TOKEN_TEST_VALUE_SWC2_EPOCH) {
- /* Check of its value was requested and failed */
- return_value = -105;
- goto Done;
- }
- }
-
/* -- Check second version -- */
if(!IS_ITEM_FLAG_SET(SW_VERSION_FLAG, sw_component->item_flags)) {
/* Claim is not present in token */
diff --git a/test/suites/attestation/attest_token_test_values.h b/test/suites/attestation/attest_token_test_values.h
index 012e509..1349f90 100644
--- a/test/suites/attestation/attest_token_test_values.h
+++ b/test/suites/attestation/attest_token_test_values.h
@@ -204,9 +204,9 @@
*/
#define TOKEN_TEST_REQUIRE_SWC1_MEASUREMENT_VAL true /* Mandatory field */
-/* Small unsigned integer */
-#define TOKEN_TEST_VALUE_SWC1_EPOCH INT32_MAX /* Value not checked */
-#define TOKEN_TEST_REQUIRE_SWC1_EPOCH false /* Optional field */
+
+/* Disable check of software version */
+#define TOKEN_TEST_VALUE_SWC1_VERSION NULL
/* Text string */
#define TOKEN_TEST_VALUE_SWC1_VERSION NULL /* Value not checked */
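Review bot: The added `#define TOKEN_TEST_VALUE_SWC1_VERSION NULL` defines the same macro as the existing context line two lines below it, so the header now defines it twice. It compiles only because the two replacement lists are identical; if either one is edited later, the build breaks with a redefinition diagnostic. The `/* Disable check of software version */` comment looks like a leftover unrelated to removing the epoch. I would drop the three added lines so this hunk is a plain deletion like the SWC2 hunk further down.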
@@ -252,9 +252,6 @@
*/
#define TOKEN_TEST_REQUIRE_SWC2_MEASUREMENT_VAL true /* Mandatory field */
-/* Small unsigned integer */
-#define TOKEN_TEST_VALUE_SWC2_EPOCH INT32_MAX /* Value not checked */
-#define TOKEN_TEST_REQUIRE_SWC2_EPOCH false /* Optional field */
/* Text string */
#define TOKEN_TEST_VALUE_SWC2_VERSION NULL /* Value not checked */