Platform: Add getter functions for attestation
Getter functions were added to attestation HAL to retrieve the
following optional claims for initial attestation service:
- Verification Service Indicator
- Profile Definition
Change-Id: I3be78e7713ba4a4c25165d9ae12efbf5f1d4ff75
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
diff --git a/platform/ext/target/mps2/an519/attest_hal.c b/platform/ext/target/mps2/an519/attest_hal.c
index 59b2476..d0c0e82 100644
--- a/platform/ext/target/mps2/an519/attest_hal.c
+++ b/platform/ext/target/mps2/an519/attest_hal.c
@@ -6,8 +6,31 @@
*/
#include "platform/include/tfm_attest_hal.h"
+#include <stdint.h>
+
+/* Example verification service URL for initial attestation token */
+static const char verification_service_url[] = "www.trustedfirmware.org";
+
+/* Example profile definition document for initial attestation token */
+static const char attestation_profile_definition[] = "psa-tfm-profile-1.md";
enum tfm_security_lifecycle_t tfm_attest_hal_get_security_lifecycle(void)
{
return TFM_SLC_SECURED;
}
+
+const char *
+tfm_attest_hal_get_verification_service(uint32_t *size)
+{
+ *size = sizeof(verification_service_url) - 1;
+
+ return verification_service_url;
+}
+
+const char *
+tfm_attest_hal_get_profile_definition(uint32_t *size)
+{
+ *size = sizeof(attestation_profile_definition) - 1;
+
+ return attestation_profile_definition;
+}
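Review bot: Both new getters write through `size` unconditionally (`*size = sizeof(verification_service_url) - 1;` and the matching line in `tfm_attest_hal_get_profile_definition`), so a NULL argument faults inside the HAL. Either guard it at the top of each function, e.g. `if (size == NULL) { return NULL; }`, or state in the header that `size` must not be NULL. The same two functions are added verbatim in the an521, musca_a and musca_b1 hunks, so the point applies there as well. The callers are not visible in this commit; if the only caller is the attestation service itself, a documented precondition may be enough.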
diff --git a/platform/ext/target/mps2/an521/attest_hal.c b/platform/ext/target/mps2/an521/attest_hal.c
index 59b2476..d0c0e82 100644
--- a/platform/ext/target/mps2/an521/attest_hal.c
+++ b/platform/ext/target/mps2/an521/attest_hal.c
@@ -6,8 +6,31 @@
*/
#include "platform/include/tfm_attest_hal.h"
+#include <stdint.h>
+
+/* Example verification service URL for initial attestation token */
+static const char verification_service_url[] = "www.trustedfirmware.org";
+
+/* Example profile definition document for initial attestation token */
+static const char attestation_profile_definition[] = "psa-tfm-profile-1.md";
enum tfm_security_lifecycle_t tfm_attest_hal_get_security_lifecycle(void)
{
return TFM_SLC_SECURED;
}
+
+const char *
+tfm_attest_hal_get_verification_service(uint32_t *size)
+{
+ *size = sizeof(verification_service_url) - 1;
+
+ return verification_service_url;
+}
+
+const char *
+tfm_attest_hal_get_profile_definition(uint32_t *size)
+{
+ *size = sizeof(attestation_profile_definition) - 1;
+
+ return attestation_profile_definition;
+}
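Review bot: `verification_service_url` and `attestation_profile_definition` are fixed example literals, and the same pair is copied into the an519, musca_a and musca_b1 files. These values presumably end up as claims in the signed attestation token, so a port that ships them unchanged would direct relying parties to a placeholder verifier and profile. I would make the comments say so explicitly, e.g. `/* Example value only: replace with the deployment's verification service before production use */`, and likewise for the profile definition. The comment also calls the value a URL although `www.trustedfirmware.org` carries no scheme; the header allows a plain locator string, so "indicator" would be the more accurate word.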
diff --git a/platform/ext/target/musca_a/attest_hal.c b/platform/ext/target/musca_a/attest_hal.c
index 59b2476..d0c0e82 100644
--- a/platform/ext/target/musca_a/attest_hal.c
+++ b/platform/ext/target/musca_a/attest_hal.c
@@ -6,8 +6,31 @@
*/
#include "platform/include/tfm_attest_hal.h"
+#include <stdint.h>
+
+/* Example verification service URL for initial attestation token */
+static const char verification_service_url[] = "www.trustedfirmware.org";
+
+/* Example profile definition document for initial attestation token */
+static const char attestation_profile_definition[] = "psa-tfm-profile-1.md";
enum tfm_security_lifecycle_t tfm_attest_hal_get_security_lifecycle(void)
{
return TFM_SLC_SECURED;
}
+
+const char *
+tfm_attest_hal_get_verification_service(uint32_t *size)
+{
+ *size = sizeof(verification_service_url) - 1;
+
+ return verification_service_url;
+}
+
+const char *
+tfm_attest_hal_get_profile_definition(uint32_t *size)
+{
+ *size = sizeof(attestation_profile_definition) - 1;
+
+ return attestation_profile_definition;
+}
diff --git a/platform/ext/target/musca_b1/attest_hal.c b/platform/ext/target/musca_b1/attest_hal.c
index 59b2476..d0c0e82 100644
--- a/platform/ext/target/musca_b1/attest_hal.c
+++ b/platform/ext/target/musca_b1/attest_hal.c
@@ -6,8 +6,31 @@
*/
#include "platform/include/tfm_attest_hal.h"
+#include <stdint.h>
+
+/* Example verification service URL for initial attestation token */
+static const char verification_service_url[] = "www.trustedfirmware.org";
+
+/* Example profile definition document for initial attestation token */
+static const char attestation_profile_definition[] = "psa-tfm-profile-1.md";
enum tfm_security_lifecycle_t tfm_attest_hal_get_security_lifecycle(void)
{
return TFM_SLC_SECURED;
}
+
+const char *
+tfm_attest_hal_get_verification_service(uint32_t *size)
+{
+ *size = sizeof(verification_service_url) - 1;
+
+ return verification_service_url;
+}
+
+const char *
+tfm_attest_hal_get_profile_definition(uint32_t *size)
+{
+ *size = sizeof(attestation_profile_definition) - 1;
+
+ return attestation_profile_definition;
+}
diff --git a/platform/include/tfm_attest_hal.h b/platform/include/tfm_attest_hal.h
index f22162e..b43b109 100644
--- a/platform/include/tfm_attest_hal.h
+++ b/platform/include/tfm_attest_hal.h
@@ -8,6 +8,8 @@
#ifndef __TFM_ATTEST_HAL_H__
#define __TFM_ATTEST_HAL_H__
+#include <stdint.h>
+
#ifdef __cplusplus
extern "C" {
#endif
@@ -34,6 +36,38 @@
*/
enum tfm_security_lifecycle_t tfm_attest_hal_get_security_lifecycle(void);
+/**
+ * \brief Retrieve the verification service indicator for initial attestation.
+ *
+ * It is used by relying party to locate a validation service for the token.
+ * It can be a text string that can be used to locate the service or can be a
+ * URL specifying the address of the service.
+ *
+ * \param[out] size Length of the string, without the termination zero byte.
+ *
+ * \return NULL pointer if not available otherwise the address of the
+ * verification service string in the device memory.
+ */
+const char *
+tfm_attest_hal_get_verification_service(uint32_t *size);
+
+/**
+ * \brief Retrieve the name of the profile definition document for initial
+ * attestation.
+ *
+ * This document describes the 'profile' of the initial attestation token,
+ * being a full description of the claims, their usage, verification and
+ * token signing.
+ *
+ * \param[out] size Length of the document name, without the termination zero
+ * byte.
+ *
+ * \return NULL pointer if not available otherwise the address of the document
+ * name string in the device memory.
+ */
+const char *
+tfm_attest_hal_get_profile_definition(uint32_t *size);
+
#ifdef __cplusplus
}
#endif
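Review bot: The new doc comments leave the contract for `size` open: they do not say whether it may be NULL, nor what `*size` holds when the function returns NULL. The implementations in this commit dereference it unconditionally, so I would extend both `\param[out] size` entries with a line such as `Must not be NULL; set to 0 when NULL is returned.` It may also be worth stating that callers should bound any copy by `*size` rather than by scanning for the terminator, since the returned pointer refers to platform-owned device memory.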