/*
 * Copyright (c) 2019-2020, Arm Limited. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 *
 */

#ifndef __ATTESTATION_KEY_H__
#define __ATTESTATION_KEY_H__

#include "psa/initial_attestation.h"
#include "psa/crypto.h"
#include "q_useful_buf.h"

#ifdef __cplusplus
extern "C" {
#endif
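/**
 * \brief Register the initial attestation private key to Crypto service. Loads
 *        the public key if the key has not already been loaded.
 *
 * \note Private key MUST be present on the device, otherwise initial
 *       attestation token cannot be signed.
 *
 * \note The parameter list is spelled (void). In C an empty list "()" declares
 *       a function without a prototype, so a call that passes arguments by
 *       mistake would not be diagnosed by the compiler.
 *
 * \note The return value should be checked: on PSA_ATTEST_ERR_GENERAL no key
 *       was registered. NOTE(review): presumably this must succeed before the
 *       private key handle is requested; confirm against the implementation.
 *
 * \retval PSA_ATTEST_ERR_SUCCESS  Key(s) was registered.
 * \retval PSA_ATTEST_ERR_GENERAL  Key(s) could not be registered.
 */
enum psa_attest_err_t
attest_register_initial_attestation_key(void);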
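/**
 * \brief Unregister the initial attestation private key from Crypto service
 *        so that it does not occupy a key slot.
 *
 * \note The parameter list is spelled (void). In C an empty list "()" declares
 *       a function without a prototype, so a call that passes arguments by
 *       mistake would not be diagnosed by the compiler.
 *
 * \note NOTE(review): this header does not say whether a key handle obtained
 *       earlier remains usable after this call; confirm against the
 *       implementation before reusing a stored handle.
 *
 * \retval PSA_ATTEST_ERR_SUCCESS  Key(s) was unregistered.
 * \retval PSA_ATTEST_ERR_GENERAL  Key(s) could not be unregistered.
 */
enum psa_attest_err_t
attest_unregister_initial_attestation_key(void);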
/**
 * \brief Get a handle to the attestation private key.
 *
 * The caller receives a Crypto service key handle through \p key_handle, not
 * the key material itself.
 *
 * \param[out] key_handle  Key handle for the private key.
 *
 * \note NOTE(review): this header does not state whether \p key_handle may be
 *       NULL or what it holds when the call fails; check the return value
 *       before using the handle and confirm against the implementation.
 *
 * \retval PSA_ATTEST_ERR_SUCCESS  Private key was successfully returned.
 * \retval PSA_ATTEST_ERR_GENERAL  Private key could not be returned.
 */
enum psa_attest_err_t
attest_get_initial_attestation_private_key_handle(psa_key_handle_t *key_handle);
/**
 * \brief Get the public key derived from the initial attestation private key.
 *
 * \param[out] public_key        Receives a pointer to the public key buffer.
 * \param[out] public_key_len    Receives the size of the public key in bytes.
 * \param[out] public_key_curve  Receives the type of the curve that is used
 *                               in the public key.
 *
 * \note NOTE(review): the function hands back a pointer rather than copying
 *       into a caller buffer. This header does not state who owns that buffer
 *       or how long it stays valid; confirm against the implementation before
 *       caching or modifying it.
 *
 * \retval PSA_ATTEST_ERR_SUCCESS  Public key was successfully returned.
 * \retval PSA_ATTEST_ERR_GENERAL  Public key could not be returned.
 */
enum psa_attest_err_t
attest_get_initial_attestation_public_key(uint8_t         **public_key,
                                          size_t           *public_key_len,
                                          psa_ecc_curve_t  *public_key_curve);
/**
 * \brief Get the attestation key ID. It is the hash (SHA256) of the COSE_Key
 *        encoded attestation public key.
 *
 * \param[out] attest_key_id  Receives the pointer and length of the key id.
 *
 * \note NOTE(review): the result is a pointer/length pair. This header does
 *       not state where the referenced bytes are stored or how long they stay
 *       valid; confirm against the implementation before keeping the pointer.
 *
 * \retval PSA_ATTEST_ERR_SUCCESS  Key id calculated successfully.
 * \retval PSA_ATTEST_ERR_GENERAL  Key id calculation failed.
 */
enum psa_attest_err_t
attest_get_initial_attestation_key_id(struct q_useful_buf_c *attest_key_id);
#ifdef __cplusplus
}
#endif

#endif /* __ATTESTATION_KEY_H__ */