commit 48a0eb5dd2a647edb82a44c61970310fcf3c79ab
author Tamas Ban <tamas.ban@arm.com> Fri Aug 17 12:48:05 2018 +0100
committer Tamas Ban <tamas.ban@arm.com> Wed Dec 05 16:05:14 2018 +0100
tree 40e589c0d20ad1aca0c2a15fc10b0965034f47e4
parent 6dfa6eb6eaaf2faa3c25150b038efd2d37358705

Attest: Add initial attestation prototype

Details:
 - implement initial version of API
 - implement veneer function and SVC handler
 - implement wrapper functions around veneers on S and NS side
 - create manifest files and generate new partition defines
 - add attestation service to build system
 - update linker scripts for ARMCLANG and GNUARM

Change-Id: I987509c6cad08fcd082667bca7dbc9a328ea03de
Signed-off-by: Tamas Ban <tamas.ban@arm.com>

interface/include/tfm_initial_attestation_veneers.h

diff --git a/interface/include/tfm_initial_attestation_veneers.h b/interface/include/tfm_initial_attestation_veneers.h
new file mode 100644
index 0000000..502ab3e
--- /dev/null
+++ b/interface/include/tfm_initial_attestation_veneers.h
@@ -0,0 +1,37 @@
+/*
+ * Copyright (c) 2018, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#ifndef __TFM_INITIAL_ATTESTATION_VENEERS_H__
+#define __TFM_INITIAL_ATTESTATION_VENEERS_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "psa_client.h"
+
+/**
+ * \brief Get initial attestation token
+ *
+ * \param[in]     in_vec     Pointer to in_vec array, which contains input data
+ *                           to attestation service
+ * \param[in]     num_invec  Number of elements in in_vec array
+ * \param[in/out] out_vec    Pointer out_vec array, which contains output data
+ *                           to attestation service
+ * \param[in]     num_outvec Number of elements in out_vec array
+ *
+ * \return Returns error code as specified in \ref psa_attest_err_t
+ */
+enum psa_attest_err_t
+tfm_attest_veneer_get_token(const psa_invec  *in_vec,  uint32_t num_invec,
+                                  psa_outvec *out_vec, uint32_t num_outvec);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __TFM_INITIAL_ATTESTATION_VENEERS_H__ */

interface/src/tfm_initial_attestation_api.c

diff --git a/interface/src/tfm_initial_attestation_api.c b/interface/src/tfm_initial_attestation_api.c
new file mode 100644
index 0000000..b935f34
--- /dev/null
+++ b/interface/src/tfm_initial_attestation_api.c
@@ -0,0 +1,31 @@
+/*
+ * Copyright (c) 2018, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#include "psa_initial_attestation_api.h"
+#include "tfm_initial_attestation_veneers.h"
+#include "tfm_ns_lock.h"
+#include "psa_client.h"
+
+enum psa_attest_err_t
+psa_initial_attest_get_token(const uint8_t *challenge_obj,
+                             uint32_t       challenge_size,
+                             uint8_t       *token,
+                             uint32_t      *token_size)
+{
+    psa_invec  in_vec[1];
+    psa_outvec out_vec[1];
+
+    in_vec[0].base = challenge_obj;
+    in_vec[0].len  = challenge_size;
+
+    out_vec[0].base = token;
+    out_vec[0].len  = *token_size;
+
+    return tfm_ns_lock_dispatch((veneer_fn)tfm_attest_veneer_get_token,
+                                (uint32_t)in_vec,  1,
+                                (uint32_t)out_vec, 1);
+}