SST: First public draft of PSA SST APIs
This patch releases the first public draft of Platform Security
Architecture (PSA) Secure Storage (SST) APIs.
The APIs are defined in psa_sst_api.h.
More information can be found in tfm_sst_integration_guide.md
The patch also accomodates the SST implementation and tests
accordingly.
Change-Id: Ibe537939f9692a86816fa0c7b2a8d070a502fd2c
Signed-off-by: Marc Moreno <marc.morenoberengue@arm.com>
diff --git a/interface/include/tfm_sst_api.h b/interface/include/psa_sst_api.h
similarity index 75%
rename from interface/include/tfm_sst_api.h
rename to interface/include/psa_sst_api.h
index 6ffd25b..4ad50d2 100644
--- a/interface/include/tfm_sst_api.h
+++ b/interface/include/psa_sst_api.h
@@ -5,14 +5,51 @@
*
*/
-#ifndef __TFM_SST_API__
-#define __TFM_SST_API__
+/**
+ * \file psa_sst_api.h
+ *
+ * \brief Platform security architecture (PSA) API for secure storage partition
+ */
+
+#ifndef __PSA_SST_API__
+#define __PSA_SST_API__
+
+#include "psa_sst_asset_defs.h"
+#include "psa_sst_asset_macros.h"
+
+#include "tfm_api.h"
#ifdef __cplusplus
extern "C" {
#endif
-#include "tfm_sst_defs.h"
+/*
+ * PSA SST API version
+ */
+#define PSA_SST_API_VERSION_MAJOR 0
+#define PSA_SST_API_VERSION_MINOR 1
+
+/* The return value is shared with the TF-M partition status value.
+ * The SST return codes shouldn't overlap with predefined TFM status values.
+ */
+#define PSA_SST_ERR_OFFSET (TFM_PARTITION_SPECIFIC_ERROR_MIN)
+
+/*!
+ * \enum psa_sst_err_t
+ *
+ * \brief Secure storage service error types
+ *
+ */
+enum psa_sst_err_t {
+ PSA_SST_ERR_SUCCESS = 0,
+ PSA_SST_ERR_ASSET_NOT_PREPARED = PSA_SST_ERR_OFFSET,
+ PSA_SST_ERR_ASSET_NOT_FOUND,
+ PSA_SST_ERR_PARAM_ERROR,
+ PSA_SST_ERR_STORAGE_SYSTEM_FULL,
+ PSA_SST_ERR_SYSTEM_ERROR,
+ /* Following entry is only to ensure the error code of int size */
+ PSA_SST_ERR_FORCE_INT_SIZE = INT_MAX
+};
/**
* \brief Allocates space for the asset, referenced by asset UUID,
@@ -28,10 +65,10 @@
* Token size. In case the token is not provided
* the token size has to be 0.
*
- * \return Returns an TFM_SST_ERR_SUCCESS if asset is created correctly.
- * Otherwise, error code as specified in \ref tfm_sst_err_t
+ * \return Returns an PSA_SST_ERR_SUCCESS if asset is created correctly.
+ * Otherwise, error code as specified in \ref psa_sst_err_t
*/
-enum tfm_sst_err_t tfm_sst_create(uint32_t asset_uuid,
+enum psa_sst_err_t psa_sst_create(uint32_t asset_uuid,
const uint8_t* token,
uint32_t token_size);
@@ -48,14 +85,14 @@
* Token size. In case the token is not provided
* the token size has to be 0.
* \param[out] info Pointer to store the asset's information
- * \ref tfm_sst_asset_info_t
+ * \ref psa_sst_asset_info_t
*
- * \return Returns error code as specified in \ref tfm_sst_err_t
+ * \return Returns error code as specified in \ref psa_sst_err_t
*/
-enum tfm_sst_err_t tfm_sst_get_info(uint32_t asset_uuid,
+enum psa_sst_err_t psa_sst_get_info(uint32_t asset_uuid,
const uint8_t* token,
uint32_t token_size,
- struct tfm_sst_asset_info_t *info);
+ struct psa_sst_asset_info_t *info);
/**
* \brief Gets asset's attributes referenced by asset UUID.
@@ -70,14 +107,14 @@
* Token size. In case the token is not provided
* the token size has to be 0.
* \param[out] attrs Pointer to store the asset's attributes
- * \ref tfm_sst_asset_attrs_t
+ * \ref psa_sst_asset_attrs_t
*
- * \return Returns error code as specified in \ref tfm_sst_err_t
+ * \return Returns error code as specified in \ref psa_sst_err_t
*/
-enum tfm_sst_err_t tfm_sst_get_attributes(uint32_t asset_uuid,
+enum psa_sst_err_t psa_sst_get_attributes(uint32_t asset_uuid,
const uint8_t* token,
uint32_t token_size,
- struct tfm_sst_asset_attrs_t *attrs);
+ struct psa_sst_asset_attrs_t *attrs);
/**
* \brief Sets asset's attributes referenced by asset UUID.
@@ -92,15 +129,15 @@
* Token size. In case the token is not provided
* the token size has to be 0.
* \param[in] attrs Pointer to new the asset's attributes
- * \ref tfm_sst_asset_attrs_t
+ * \ref psa_sst_asset_attrs_t
*
- * \return Returns error code as specified in \ref tfm_sst_err_t
+ * \return Returns error code as specified in \ref psa_sst_err_t
*/
-enum tfm_sst_err_t tfm_sst_set_attributes(
+enum psa_sst_err_t psa_sst_set_attributes(
uint32_t asset_uuid,
const uint8_t* token,
uint32_t token_size,
- const struct tfm_sst_asset_attrs_t *attrs);
+ const struct psa_sst_asset_attrs_t *attrs);
/**
* \brief Reads asset's data from asset referenced by asset UUID.
@@ -118,9 +155,9 @@
* \param[in] offset Offset within asset to start to read
* \param[out] data Pointer to data vector to store data
*
- * \return Returns error code as specified in \ref tfm_sst_err_t
+ * \return Returns error code as specified in \ref psa_sst_err_t
*/
-enum tfm_sst_err_t tfm_sst_read(uint32_t asset_uuid,
+enum psa_sst_err_t psa_sst_read(uint32_t asset_uuid,
const uint8_t* token,
uint32_t token_size,
uint32_t size,
@@ -144,9 +181,9 @@
* \param[in] data Pointer to data vector which contains the data to
* write
*
- * \return Returns error code as specified in \ref tfm_sst_err_t
+ * \return Returns error code as specified in \ref psa_sst_err_t
*/
-enum tfm_sst_err_t tfm_sst_write(uint32_t asset_uuid,
+enum psa_sst_err_t psa_sst_write(uint32_t asset_uuid,
const uint8_t* token,
uint32_t token_size,
uint32_t size,
@@ -166,9 +203,9 @@
* Token size. In case the token is not provided
* the token size has to be 0.
*
- * \return Returns error code as specified in \ref tfm_sst_err_t
+ * \return Returns error code as specified in \ref psa_sst_err_t
*/
-enum tfm_sst_err_t tfm_sst_delete(uint32_t asset_uuid,
+enum psa_sst_err_t psa_sst_delete(uint32_t asset_uuid,
const uint8_t* token,
uint32_t token_size);
@@ -176,4 +213,4 @@
}
#endif
-#endif /* __TFM_SST_API__ */
+#endif /* __PSA_SST_API__ */
diff --git a/interface/include/psa_sst_asset_defs.h b/interface/include/psa_sst_asset_defs.h
new file mode 100644
index 0000000..a810c55
--- /dev/null
+++ b/interface/include/psa_sst_asset_defs.h
@@ -0,0 +1,411 @@
+/*
+ * Copyright (c) 2018, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+/**
+ * \file psa_sst_asset_defs.h
+ *
+ * \brief Platform security architecture (PSA) asset definitions for
+ * secure storage partition.
+ */
+
+#ifndef __PSA_SST_ASSET_DEFS_H__
+#define __PSA_SST_ASSET_DEFS_H__
+
+#include <inttypes.h>
+#include <limits.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* List of PSA SST asset category types */
+/*!
+ * \def PSA_SST_ASSET_CAT_TYPE_NONE
+ *
+ * \brief Asset category type NONE. This is value used in an asset when the
+ * asset category type is not set.
+ */
+#define PSA_SST_ASSET_CAT_TYPE_NONE ((uint32_t)0x00000000)
+
+/*!
+ * \def PSA_SST_ASSET_CAT_RAW_DATA
+ *
+ * \brief This category type is used for those assets which contains raw data.
+ */
+#define PSA_SST_ASSET_CAT_RAW_DATA ((uint32_t)0x02000000)
+
+/*!
+ * \def PSA_SST_ASSET_CAT_KEY_SYMMETRIC
+ *
+ * \brief This category type is used for those assets which contains a
+ * symmetric key.
+ */
+#define PSA_SST_ASSET_CAT_KEY_SYMMETRIC ((uint32_t)0x04000000)
+
+/*!
+ * \def PSA_SST_ASSET_CAT_KEY_PUBLIC
+ *
+ * \brief This category type is used for those assets which contains an
+ * asymmetric public key.
+ */
+#define PSA_SST_ASSET_CAT_KEY_PUBLIC ((uint32_t)0x06000000)
+
+/*!
+ * \def PSA_SST_ASSET_CAT_KEY_PRIVATE
+ *
+ * \brief This category type is used for those assets which contains an
+ * asymmetric private key.
+ */
+#define PSA_SST_ASSET_CAT_KEY_PRIVATE ((uint32_t)0x07000000)
+
+/*!
+ * \def PSA_SST_ASSET_CAT_CERTIFICATE
+ *
+ * \brief This category type is used for those assets which contains a
+ * certificate.
+ */
+#define PSA_SST_ASSET_CAT_CERTIFICATE ((uint32_t)0x08000000)
+
+/*!
+ * \def PSA_SST_ASSET_CAT_VENDOR_DEFINED
+ *
+ * \brief This category type is used when assets is vendor defined.
+ */
+#define PSA_SST_ASSET_CAT_VENDOR_DEFINED ((uint32_t)0x80000000)
+
+/* PSA SST asset category type masks */
+/*!
+ * \def PSA_SST_ASSET_CAT_TYPE_MASK
+ *
+ * \brief Asset category type mask.
+ */
+#define PSA_SST_ASSET_CAT_TYPE_MASK ((uint32_t)0x7f000000)
+
+/*!
+ * \def PSA_SST_ASSET_CAT_KEY_MASK
+ *
+ * \brief Asset key category mask.
+ */
+#define PSA_SST_ASSET_CAT_KEY_MASK ((uint32_t)0x04000000)
+
+/*!
+ * \def PSA_SST_ASSET_CAT_KEY_ASYMMETRIC_MASK
+ *
+ * \brief Asset asymmetric key mask.
+ */
+#define PSA_SST_ASSET_CAT_KEY_ASYMMETRIC_MASK ((uint32_t)0x06000000)
+
+
+/* Asset types for raw data category */
+/*!
+ * \def PSA_SST_ASSET_KEY_HMAC
+ *
+ * \brief HMAC key.
+ */
+#define PSA_SST_ASSET_KEY_HMAC ((PSA_SST_ASSET_CAT_RAW_DATA)| 0x00000001)
+
+/* Asset types for symmetric key category */
+/*!
+ * \def PSA_SST_ASSET_KEY_AES
+ *
+ * \brief AES key to be used in algorithms based on AES cipher
+ * (cipher, AEAD or MAC).
+ */
+#define PSA_SST_ASSET_KEY_AES ((PSA_SST_ASSET_CAT_KEY_SYMMETRIC)|0x00000001)
+
+/*!
+ * \def PSA_SST_ASSET_KEY_DES
+ *
+ * \brief DES key to be used in algorithms based on DES or 3DES cipher
+ * (cipher or MAC).
+ */
+#define PSA_SST_ASSET_KEY_DES ((PSA_SST_ASSET_CAT_KEY_SYMMETRIC)|0x00000002)
+
+/*!
+ * \def PSA_SST_ASSET_KEY_CAMELLIA
+ *
+ * \brief Camellia key to be used in algorithms based on Camellia cipher
+ * (cipher, AEAD or MAC).
+ */
+#define PSA_SST_ASSET_KEY_CAMELLIA \
+ ((PSA_SST_ASSET_CAT_KEY_SYMMETRIC)|0x00000003)
+
+/* Asset types for asymmetric key category */
+/*!
+ * \def PSA_SST_ASSET_KEY_RSA_PUBLIC
+ *
+ * \brief RSA public key.
+ */
+#define PSA_SST_ASSET_KEY_RSA_PUBLIC ((PSA_SST_ASSET_CAT_KEY_PUBLIC)|0x00010000)
+
+/*!
+ * \def PSA_SST_ASSET_KEY_RSA_PRIVATE
+ *
+ * \brief RSA private key.
+ */
+#define PSA_SST_ASSET_KEY_RSA_PRIVATE \
+ ((PSA_SST_ASSET_CAT_KEY_PRIVATE)|0x00010000)
+
+/*!
+ * \def PSA_SST_ASSET_KEY_DSA_PUBLIC
+ *
+ * \brief DSA public key.
+ */
+#define PSA_SST_ASSET_KEY_DSA_PUBLIC ((PSA_SST_ASSET_CAT_KEY_PUBLIC)|0x00020000)
+
+/*!
+ * \def PSA_SST_ASSET_KEY_DSA_PRIVATE
+ *
+ * \brief DSA private key.
+ */
+#define PSA_SST_ASSET_KEY_DSA_PRIVATE \
+ ((PSA_SST_ASSET_CAT_KEY_PRIVATE)|0x00020000)
+
+/*!
+ * \def PSA_SST_ASSET_KEY_ECC_PUBLIC
+ *
+ * \brief ECC public key.
+ */
+#define PSA_SST_ASSET_KEY_ECC_PUBLIC ((PSA_SST_ASSET_CAT_KEY_PUBLIC)|0x00030000)
+
+/*!
+ * \def PSA_SST_ASSET_KEY_ECC_PRIVATE
+ *
+ * \brief ECC private key.
+ */
+#define PSA_SST_ASSET_KEY_ECC_PRIVATE \
+ ((PSA_SST_ASSET_CAT_KEY_PRIVATE)|0x00030000)
+
+/*!
+ * \def PSA_SST_ASSET_KEY_ECC_CURVE_MASK
+ *
+ * \brief ECC curve mask. This mask allows to encode the curve identifiers which
+ * are aligned with the TLS Supported Groups Registry (formerly known as
+ * the TLS EC Named Curve Registry)
+ * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml
+ * The values are defined by RFC 4492, RFC 7027 and RFC 7919.
+ */
+#define PSA_SST_ASSET_KEY_ECC_CURVE_MASK ((uint32_t)0x0000ffff)
+
+/* Asset types for certificate category */
+/*!
+ * \def PSA_SST_ASSET_CERT_X_509
+ *
+ * \brief X509 certificate.
+ */
+#define PSA_SST_ASSET_CERT_X_509 ((PSA_SST_ASSET_CAT_CERTIFICATE)|0x00000001)
+
+/* List of PSA SST asset */
+/*!
+ * \def PSA_SST_ASSET_ATTR_EXPIRED
+ *
+ * \brief Indicates if asset has expired.
+ */
+#define PSA_SST_ASSET_ATTR_EXPIRED ((uint32_t)0x00000001)
+
+/*!
+ * \def PSA_SST_ASSET_ATTR_GENERATED_LOCALLY
+ *
+ * \brief Indicates if asset content has been generated locally.
+ */
+#define PSA_SST_ASSET_ATTR_GENERATED_LOCALLY ((uint32_t)0x00000002)
+
+/*!
+ * \def PSA_SST_ASSET_ATTR_DERIVATION
+ *
+ * \brief Indicates if asset content can be used in a key derivation (i.e.
+ * if other keys can be derived from this one)
+ *
+ */
+#define PSA_SST_ASSET_ATTR_DERIVATION ((uint32_t)0x00000004)
+
+/*!
+ * \def PSA_SST_ASSET_ATTR_TRUSTED
+ *
+ * \brief Indicates if asset content can be trusted.
+ */
+#define PSA_SST_ASSET_ATTR_TRUSTED ((uint32_t)0x00000008)
+
+/*!
+ * \def PSA_SST_ASSET_ATTR_WRITE_ONCE
+ *
+ * \brief Indicates if asset content can be modified once a content has been
+ * set.
+ */
+#define PSA_SST_ASSET_ATTR_WRITE_ONCE ((uint32_t)0x00000010)
+
+/* The next 3 bits are reserved */
+
+/*!
+ * \def PSA_SST_ASSET_ATTR_ENCRYPT
+ *
+ * \brief Indicates if asset content may be used to encrypt data.
+ */
+#define PSA_SST_ASSET_ATTR_ENCRYPT ((uint32_t)0x00000100)
+
+/*!
+ * \def PSA_SST_ASSET_ATTR_DECRYPT
+ *
+ * \brief Indicates if asset content may be used to decrypt data.
+ */
+#define PSA_SST_ASSET_ATTR_DECRYPT ((uint32_t)0x00000200)
+
+/*!
+ * \def PSA_SST_ASSET_ATTR_SIGN
+ *
+ * \brief Indicates if asset content may be used to sign data.
+ */
+#define PSA_SST_ASSET_ATTR_SIGN ((uint32_t)0x00000400)
+
+/*!
+ * \def PSA_SST_ASSET_ATTR_VERIFY
+ *
+ * \brief Indicates if asset content may be used to verify signed data.
+ */
+#define PSA_SST_ASSET_ATTR_VERIFY ((uint32_t)0x00000800)
+
+/*!
+ * \def PSA_SST_ASSET_ATTR_VERIFY_RECOVER
+ *
+ * \brief Indicates if asset content may be used to verify data where
+ * data is recovered from the signature.
+ */
+#define PSA_SST_ASSET_ATTR_VERIFY_RECOVER ((uint32_t)0x00001000)
+
+/*!
+ * \def PSA_SST_ASSET_ATTR_WRAP
+ *
+ * \brief Indicates if asset content may be used to wrap other data
+ * (i.e wrap other keys).
+ */
+#define PSA_SST_ASSET_ATTR_WRAP ((uint32_t)0x00002000)
+
+/*!
+ * \def PSA_SST_ASSET_ATTR_UNWRAP
+ *
+ * \brief Indicates if asset content may be used to unwrap other data
+ * (i.e unwrap other keys).
+ */
+#define PSA_SST_ASSET_ATTR_UNWRAP ((uint32_t)0x00004000)
+
+/*!
+ * \def PSA_SST_ASSET_ATTR_SENSITIVE
+ *
+ * \brief Indicates if asset content is sensitive and cannot be revealed.
+ */
+#define PSA_SST_ASSET_ATTR_SENSITIVE ((uint32_t)0x00008000)
+
+/*!
+ * \def PSA_SST_ASSET_ATTR_ALWAYS_SENSITIVE
+ *
+ * \brief Indicates if asset has always had the sensitive attribute. Attribute
+ * cannot be changed once set. It becomes a read only attribute.
+ */
+#define PSA_SST_ASSET_ATTR_ALWAYS_SENSITIVE ((uint32_t)0x00010000)
+
+/*!
+ * \def PSA_SST_ASSET_ATTR_EXTRACTABLE
+ *
+ * \brief Indicates if asset content is extractable and can be wrapped.
+ */
+#define PSA_SST_ASSET_ATTR_EXTRACTABLE ((uint32_t)0x00020000)
+
+/*!
+ * \def PSA_SST_ASSET_ATTR_NEVER_EXTRACTABLE
+ *
+ * \brief Indicates if asset has never had the extactable attribute. Attribute
+ * cannot be changed once set. It becomes a read only attribute.
+ */
+#define PSA_SST_ASSET_ATTR_NEVER_EXTRACTABLE ((uint32_t)0x00040000)
+
+/*!
+ * \def PSA_SST_ASSET_ATTR_ALWAYS_AUTHENTICATE
+ *
+ * \brief Indicates if user has to be authenticate when the asset content has
+ * to be used.
+ */
+#define PSA_SST_ASSET_ATTR_ALWAYS_AUTHENTICATE ((uint32_t)0x00080000)
+
+/*!
+ * \def PSA_SST_ASSET_ATTR_MASK
+ *
+ * \brief Asset attributes mask.
+ */
+#define PSA_SST_ASSET_ATTR_MASK ((uint32_t)0x7FFFFFFF)
+
+/*!
+ * \def PSA_SST_ASSET_ATTR_VENDOR_DEFINED
+ *
+ * \brief Indicates if the attribute is vendor defined.
+ */
+#define PSA_SST_ASSET_ATTR_VENDOR_DEFINED ((uint32_t)0x80000000)
+
+
+/* PSA SST asset structure definitions */
+/*!
+ * \struct psa_sst_asset_info_t
+ *
+ * \brief Asset information.
+ */
+struct psa_sst_asset_info_t {
+ uint32_t type; /*!< Asset type */
+ uint32_t size_current; /*!< The current size of the asset content */
+ uint32_t size_max; /*!< The maximum size of the asset content in
+ * bytes
+ */
+};
+
+/*!
+ * \struct psa_sst_asset_validity_t
+ *
+ * \brief Asset validity structure.
+ *
+ * \note Start and end values must be set to 0 as they are reserved for future
+ * use.
+ */
+struct psa_sst_asset_validity_t {
+ uint64_t start; /*!< Start date/time on which the asset validity period
+ * begins
+ */
+ uint64_t end; /*!< End date on which the asset validity period ends */
+
+};
+
+/*!
+ * \struct psa_sst_asset_attrs_t
+ *
+ * \brief Asset attributes structure.
+ *
+ */
+struct psa_sst_asset_attrs_t {
+ struct psa_sst_asset_validity_t validity; /*!< Asset validity period */
+ uint32_t attrs; /*!< Asset attributes */
+ uint8_t reserved[4]; /*!< Reserved for future
+ * expansion. Default value is
+ * 0 in all bytes
+ */
+};
+
+/*!
+ * \def PSA_SST_ASSET_INFO_SIZE
+ *
+ * \brief Indicates the asset information structure size.
+ */
+#define PSA_SST_ASSET_INFO_SIZE sizeof(struct psa_sst_asset_info_t)
+
+/*!
+ * \def PSA_SST_ASSET_ATTR_SIZE
+ *
+ * \brief Indicates the asset attributes structure size.
+ */
+#define PSA_SST_ASSET_ATTR_SIZE sizeof(struct psa_sst_asset_attrs_t)
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __PSA_SST_ASSET_DEFS_H__ */
diff --git a/interface/include/psa_sst_asset_macros.h b/interface/include/psa_sst_asset_macros.h
new file mode 100644
index 0000000..a7fb058
--- /dev/null
+++ b/interface/include/psa_sst_asset_macros.h
@@ -0,0 +1,125 @@
+/*
+ * Copyright (c) 2018, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+/**
+ * \file psa_sst_asset_macros.h
+ *
+ * \brief Platform security architecture (PSA) asset macros definitions for
+ * secure storage partition
+ */
+#ifndef __PSA_SST_ASSET_MACROS_H__
+#define __PSA_SST_ASSET_MACROS_H__
+
+#include "psa_sst_asset_defs.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*!
+ * \def PSA_SST_ASSET_IS_ASSET_CAT(psa_sst_def_cat_type, type)
+ *
+ * \brief Macro to check if the asset category type (type) is equal to the
+ * PSA SST asset defined category types (psa_sst_def_cat_type).
+ *
+ * \param[in] psa_sst_def_cat_type PSA SST asset defined category type
+ * \param[in] type Asset type
+ *
+ * \return Returns 1 if the asset type is equal to the PSA SST asset defined
+ * type. Otherwise, it returns 0.
+ */
+#define PSA_SST_ASSET_IS_ASSET_CAT(psa_sst_def_cat_type, type) \
+ (((type & PSA_SST_ASSET_CAT_VENDOR_DEFINED) != 0) && \
+ ((type & PSA_SST_ASSET_CAT_TYPE_MASK) == psa_sst_def_cat_type))
+
+/*!
+ * \def PSA_SST_ASSET_IS_ASSET_TYPE(psa_sst_def_type, type)
+ *
+ * \brief Macro to check if the asset type (type) is equal to the
+ * PSA SST asset defined type (psa_sst_def_type).
+ *
+ * \param[in] psa_sst_def_type PSA SST asset defined type
+ * \param[in] type Asset type
+ *
+ * \return Returns 1 if the asset type is equal to the PSA SST asset defined
+ * type. Otherwise, it returns 0.
+ */
+#define PSA_SST_ASSET_IS_ASSET_TYPE(psa_sst_def_type, type) \
+ (((type & PSA_SST_ASSET_CAT_VENDOR_DEFINED) != 0) && \
+ (type == psa_sst_def_type))
+
+/*!
+ * \def PSA_SST_ASSET_IS_VENDOR_DEFINED(type)
+ *
+ * \brief Macro to check if the asset type is vendor defined.
+ *
+ * \param[in] type Asset type
+ *
+ * \return Returns 1 if the asset type is equal to PSA_SST_ASSET_VENDOR_DEFINED.
+ * Otherwise, it returns 0.
+ */
+#define PSA_SST_ASSET_IS_VENDOR_DEFINED(type) \
+ ((type & PSA_SST_ASSET_VENDOR_DEFINED) != 0)
+
+/*!
+ * \def PSA_SST_ASSET_IS_KEY_TYPE(type)
+ *
+ * \brief Macro to check if the asset type is a key.
+ *
+ * \param[in] type Asset type
+ *
+ * \return Returns 1 if it is a key. Otherwise, it returns 0.
+ */
+#define PSA_SST_ASSET_IS_KEY_TYPE(type) \
+ ((type & PSA_SST_ASSET_KEY_MASK) != 0)
+
+/*!
+ * \def PSA_SST_ASSET_IS_ASYMMETRIC_KEY_TYPE(type)
+ *
+ * \brief Macro to check if the asset type is a symmetric key.
+ *
+ * \param[in] type Asset type
+ *
+ * \return Returns 1 if it is an asymmetric key. Otherwise, it returns 0.
+ */
+#define PSA_SST_ASSET_IS_ASYMMETRIC_KEY_TYPE(type) \
+ ((type & PSA_SST_ASSET_KEY_ASYMMETRIC_MASK) != 0)
+
+/*!
+ * \def PSA_SST_ASSET_HAS_ATTR(psa_sst_def_asset_attr, attrs)
+ *
+ * \brief Macro to check if the asset attributes (attrs) have a specific PSA
+ * SST asset defined bit attribute (psa_sst_def_asset_attr).
+ *
+ * \param[in] psa_sst_def_type PSA SST asset defined bit attribute
+ * \param[in] attrs Asset attributes
+ *
+ * \return Returns 1 if the asset has the PSA SST asset defined
+ * attribute. Otherwise, it returns 0.
+ */
+#define PSA_SST_ASSET_HAS_ATTR(psa_sst_def_asset_attr, attrs) \
+ (((attrs & psa_sst_def_asset_attr) != 0) && \
+ ((attrs & PSA_SST_ASSET_ATTR_VENDOR_DEFINED) == 0))
+
+/*!
+ * \def PSA_SST_ASSET_HAS_ATTR_VENDOR_DEFINED(attrs)
+ *
+ * \brief Macro to check if the asset attributes are vendor defined.
+ *
+ * \param[in] attrs Asset attributes
+ *
+ * \return Returns 1 if the asset type is equal to PSA_SST_ASSET_VENDOR_DEFINED.
+ * Otherwise, it returns 0.
+ */
+#define PSA_SST_ASSET_HAS_ATTR_VENDOR_DEFINED(attrs) \
+ ((attrs & PSA_SST_ASSET_ATTR_VENDOR_DEFINED) != 0)
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __PSA_SST_ASSET_MACROS_H__ */
diff --git a/interface/include/tfm_sst_asset_defs.h b/interface/include/tfm_sst_asset_defs.h
deleted file mode 100644
index e97d836..0000000
--- a/interface/include/tfm_sst_asset_defs.h
+++ /dev/null
@@ -1,404 +0,0 @@
-/*
- * Copyright (c) 2018, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#ifndef __TFM_SST_ASSET_DEFS_H__
-#define __TFM_SST_ASSET_DEFS_H__
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#include <inttypes.h>
-#include <limits.h>
-
-/* List of TF-M SST asset category types */
-/*!
- * \def TFM_SST_ASSET_CAT_TYPE_NONE
- *
- * \brief Asset category type NONE. This is value used in an asset when the
- * asset category type is not set.
- */
-#define TFM_SST_ASSET_CAT_TYPE_NONE ((uint32_t)0x00000000)
-
-/*!
- * \def TFM_SST_ASSET_CAT_RAW_DATA
- *
- * \brief This category type is used for those assets which contains raw data.
- */
-#define TFM_SST_ASSET_CAT_RAW_DATA ((uint32_t)0x02000000)
-
-/*!
- * \def TFM_SST_ASSET_CAT_KEY_SYMMETRIC
- *
- * \brief This category type is used for those assets which contains a
- * symmetric key.
- */
-#define TFM_SST_ASSET_CAT_KEY_SYMMETRIC ((uint32_t)0x04000000)
-
-/*!
- * \def TFM_SST_ASSET_CAT_KEY_PUBLIC
- *
- * \brief This category type is used for those assets which contains an
- * asymmetric public key.
- */
-#define TFM_SST_ASSET_CAT_KEY_PUBLIC ((uint32_t)0x06000000)
-
-/*!
- * \def TFM_SST_ASSET_CAT_KEY_PRIVATE
- *
- * \brief This category type is used for those assets which contains an
- * asymmetric private key.
- */
-#define TFM_SST_ASSET_CAT_KEY_PRIVATE ((uint32_t)0x07000000)
-
-/*!
- * \def TFM_SST_ASSET_CAT_CERTIFICATE
- *
- * \brief This category type is used for those assets which contains a
- * certificate.
- */
-#define TFM_SST_ASSET_CAT_CERTIFICATE ((uint32_t)0x08000000)
-
-/*!
- * \def TFM_SST_ASSET_CAT_VENDOR_DEFINED
- *
- * \brief This category type is used when assets is vendor defined.
- */
-#define TFM_SST_ASSET_CAT_VENDOR_DEFINED ((uint32_t)0x80000000)
-
-/* TF-M SST asset category type masks */
-/*!
- * \def TFM_SST_ASSET_CAT_TYPE_MASK
- *
- * \brief Asset category type mask.
- */
-#define TFM_SST_ASSET_CAT_TYPE_MASK ((uint32_t)0x7f000000)
-
-/*!
- * \def TFM_SST_ASSET_CAT_KEY_MASK
- *
- * \brief Asset key category mask.
- */
-#define TFM_SST_ASSET_CAT_KEY_MASK ((uint32_t)0x04000000)
-
-/*!
- * \def TFM_SST_ASSET_CAT_KEY_ASYMMETRIC_MASK
- *
- * \brief Asset asymmetric key mask.
- */
-#define TFM_SST_ASSET_CAT_KEY_ASYMMETRIC_MASK ((uint32_t)0x06000000)
-
-
-/* Asset types for raw data category */
-/*!
- * \def TFM_SST_ASSET_KEY_HMAC
- *
- * \brief HMAC key.
- */
-#define TFM_SST_ASSET_KEY_HMAC ((TFM_SST_ASSET_CAT_RAW_DATA)| 0x00000001)
-
-/* Asset types for symmetric key category */
-/*!
- * \def TFM_SST_ASSET_KEY_AES
- *
- * \brief AES key to be used in algorithms based on AES cipher
- * (cipher, AEAD or MAC).
- */
-#define TFM_SST_ASSET_KEY_AES ((TFM_SST_ASSET_CAT_KEY_SYMMETRIC)|0x00000001)
-
-/*!
- * \def TFM_SST_ASSET_KEY_DES
- *
- * \brief DES key to be used in algorithms based on DES or 3DES cipher
- * (cipher or MAC).
- */
-#define TFM_SST_ASSET_KEY_DES ((TFM_SST_ASSET_CAT_KEY_SYMMETRIC)|0x00000002)
-
-/*!
- * \def TFM_SST_ASSET_KEY_CAMELLIA
- *
- * \brief Camellia key to be used in algorithms based on Camellia cipher
- * (cipher, AEAD or MAC).
- */
-#define TFM_SST_ASSET_KEY_CAMELLIA \
- ((TFM_SST_ASSET_CAT_KEY_SYMMETRIC)|0x00000003)
-
-/* Asset types for asymmetric key category */
-/*!
- * \def TFM_SST_ASSET_KEY_RSA_PUBLIC
- *
- * \brief RSA public key.
- */
-#define TFM_SST_ASSET_KEY_RSA_PUBLIC ((TFM_SST_ASSET_CAT_KEY_PUBLIC)|0x00010000)
-
-/*!
- * \def TFM_SST_ASSET_KEY_RSA_PRIVATE
- *
- * \brief RSA private key.
- */
-#define TFM_SST_ASSET_KEY_RSA_PRIVATE \
- ((TFM_SST_ASSET_CAT_KEY_PRIVATE)|0x00010000)
-
-/*!
- * \def TFM_SST_ASSET_KEY_DSA_PUBLIC
- *
- * \brief DSA public key.
- */
-#define TFM_SST_ASSET_KEY_DSA_PUBLIC ((TFM_SST_ASSET_CAT_KEY_PUBLIC)|0x00020000)
-
-/*!
- * \def TFM_SST_ASSET_KEY_DSA_PRIVATE
- *
- * \brief DSA private key.
- */
-#define TFM_SST_ASSET_KEY_DSA_PRIVATE \
- ((TFM_SST_ASSET_CAT_KEY_PRIVATE)|0x00020000)
-
-/*!
- * \def TFM_SST_ASSET_KEY_ECC_PUBLIC
- *
- * \brief ECC public key.
- */
-#define TFM_SST_ASSET_KEY_ECC_PUBLIC ((TFM_SST_ASSET_CAT_KEY_PUBLIC)|0x00030000)
-
-/*!
- * \def TFM_SST_ASSET_KEY_ECC_PRIVATE
- *
- * \brief ECC private key.
- */
-#define TFM_SST_ASSET_KEY_ECC_PRIVATE \
- ((TFM_SST_ASSET_CAT_KEY_PRIVATE)|0x00030000)
-
-/*!
- * \def TFM_SST_ASSET_KEY_ECC_CURVE_MASK
- *
- * \brief ECC curve mask. This mask allows to encode the curve identifiers which
- * are aligned with the TLS Supported Groups Registry (formerly known as
- * the TLS EC Named Curve Registry)
- * https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml
- * The values are defined by RFC 4492, RFC 7027 and RFC 7919.
- */
-#define TFM_SST_ASSET_KEY_ECC_CURVE_MASK ((uint32_t)0x0000ffff)
-
-/* Asset types for certificate category */
-/*!
- * \def TFM_SST_ASSET_CERT_X_509
- *
- * \brief X509 certificate.
- */
-#define TFM_SST_ASSET_CERT_X_509 ((TFM_SST_ASSET_CAT_CERTIFICATE)|0x00000001)
-
-/* List of TF-M SST asset */
-/*!
- * \def TFM_SST_ASSET_ATTR_EXPIRED
- *
- * \brief Indicates if asset has expired.
- */
-#define TFM_SST_ASSET_ATTR_EXPIRED ((uint32_t)0x00000001)
-
-/*!
- * \def TFM_SST_ASSET_ATTR_GENERATED_LOCALLY
- *
- * \brief Indicates if asset content has been generated locally.
- */
-#define TFM_SST_ASSET_ATTR_GENERATED_LOCALLY ((uint32_t)0x00000002)
-
-/*!
- * \def TFM_SST_ASSET_ATTR_DERIVATION
- *
- * \brief Indicates if asset content can be used in a key derivation (i.e.
- * if other keys can be derived from this one)
- *
- */
-#define TFM_SST_ASSET_ATTR_DERIVATION ((uint32_t)0x00000004)
-
-/*!
- * \def TFM_SST_ASSET_ATTR_TRUSTED
- *
- * \brief Indicates if asset content can be trusted.
- */
-#define TFM_SST_ASSET_ATTR_TRUSTED ((uint32_t)0x00000008)
-
-/*!
- * \def TFM_SST_ASSET_ATTR_WRITE_ONCE
- *
- * \brief Indicates if asset content can be modified once a content has been
- * set.
- */
-#define TFM_SST_ASSET_ATTR_WRITE_ONCE ((uint32_t)0x00000010)
-
-/* The next 3 bits are reserved */
-
-/*!
- * \def TFM_SST_ASSET_ATTR_ENCRYPT
- *
- * \brief Indicates if asset content may be used to encrypt data.
- */
-#define TFM_SST_ASSET_ATTR_ENCRYPT ((uint32_t)0x00000100)
-
-/*!
- * \def TFM_SST_ASSET_ATTR_DECRYPT
- *
- * \brief Indicates if asset content may be used to decrypt data.
- */
-#define TFM_SST_ASSET_ATTR_DECRYPT ((uint32_t)0x00000200)
-
-/*!
- * \def TFM_SST_ASSET_ATTR_SIGN
- *
- * \brief Indicates if asset content may be used to sign data.
- */
-#define TFM_SST_ASSET_ATTR_SIGN ((uint32_t)0x00000400)
-
-/*!
- * \def TFM_SST_ASSET_ATTR_VERIFY
- *
- * \brief Indicates if asset content may be used to verify signed data.
- */
-#define TFM_SST_ASSET_ATTR_VERIFY ((uint32_t)0x00000800)
-
-/*!
- * \def TFM_SST_ASSET_ATTR_VERIFY_RECOVER
- *
- * \brief Indicates if asset content may be used to verify data where
- * data is recovered from the signature.
- */
-#define TFM_SST_ASSET_ATTR_VERIFY_RECOVER ((uint32_t)0x00001000)
-
-/*!
- * \def TFM_SST_ASSET_ATTR_WRAP
- *
- * \brief Indicates if asset content may be used to wrap other data
- * (i.e wrap other keys).
- */
-#define TFM_SST_ASSET_ATTR_WRAP ((uint32_t)0x00002000)
-
-/*!
- * \def TFM_SST_ASSET_ATTR_UNWRAP
- *
- * \brief Indicates if asset content may be used to unwrap other data
- * (i.e unwrap other keys).
- */
-#define TFM_SST_ASSET_ATTR_UNWRAP ((uint32_t)0x00004000)
-
-/*!
- * \def TFM_SST_ASSET_ATTR_SENSITIVE
- *
- * \brief Indicates if asset content is sensitive and cannot be revealed.
- */
-#define TFM_SST_ASSET_ATTR_SENSITIVE ((uint32_t)0x00008000)
-
-/*!
- * \def TFM_SST_ASSET_ATTR_ALWAYS_SENSITIVE
- *
- * \brief Indicates if asset has always had the sensitive attribute. Attribute
- * cannot be changed once set. It becomes a read only attribute.
- */
-#define TFM_SST_ASSET_ATTR_ALWAYS_SENSITIVE ((uint32_t)0x00010000)
-
-/*!
- * \def TFM_SST_ASSET_ATTR_EXTRACTABLE
- *
- * \brief Indicates if asset content is extractable and can be wrapped.
- */
-#define TFM_SST_ASSET_ATTR_EXTRACTABLE ((uint32_t)0x00020000)
-
-/*!
- * \def TFM_SST_ASSET_ATTR_NEVER_EXTRACTABLE
- *
- * \brief Indicates if asset has never had the extactable attribute. Attribute
- * cannot be changed once set. It becomes a read only attribute.
- */
-#define TFM_SST_ASSET_ATTR_NEVER_EXTRACTABLE ((uint32_t)0x00040000)
-
-/*!
- * \def TFM_SST_ASSET_ATTR_ALWAYS_AUTHENTICATE
- *
- * \brief Indicates if user has to be authenticate when the asset content has
- * to be used.
- */
-#define TFM_SST_ASSET_ATTR_ALWAYS_AUTHENTICATE ((uint32_t)0x00080000)
-
-/*!
- * \def TFM_SST_ASSET_ATTR_MASK
- *
- * \brief Asset attributes mask.
- */
-#define TFM_SST_ASSET_ATTR_MASK ((uint32_t)0x7FFFFFFF)
-
-/*!
- * \def TFM_SST_ASSET_ATTR_VENDOR_DEFINED
- *
- * \brief Indicates if the attribute is vendor defined.
- */
-#define TFM_SST_ASSET_ATTR_VENDOR_DEFINED ((uint32_t)0x80000000)
-
-
-/* TF-M SST asset structure definitions */
-/*!
- * \struct tfm_sst_asset_info_t
- *
- * \brief Asset information.
- */
-struct tfm_sst_asset_info_t {
- uint32_t type; /*!< Asset type */
- uint32_t size_current; /*!< The current size of the asset content */
- uint32_t size_max; /*!< The maximum size of the asset content in
- * bytes
- */
-};
-
-/*!
- * \struct tfm_sst_asset_validity_t
- *
- * \brief Asset validity structure.
- *
- * \note Start and end values must be set to 0 as they are reserved for future
- * use.
- */
-struct tfm_sst_asset_validity_t {
- uint64_t start; /*!< Start date/time on which the asset validity period
- * begins
- */
- uint64_t end; /*!< End date on which the asset validity period ends */
-
-};
-
-/*!
- * \struct tfm_sst_asset_attrs_t
- *
- * \brief Asset attributes structure.
- *
- */
-struct tfm_sst_asset_attrs_t {
- struct tfm_sst_asset_validity_t validity; /*!< Asset validity period */
- uint32_t attrs; /*!< Asset attributes */
- uint8_t reserved[4]; /*!< Reserved for future
- * expansion. Default value is
- * 0 in all bytes
- */
-};
-
-/*!
- * \def TFM_SST_ASSET_INFO_SIZE
- *
- * \brief Indicates the asset information structure size.
- */
-#define TFM_SST_ASSET_INFO_SIZE sizeof(struct tfm_sst_asset_info_t)
-
-/*!
- * \def TFM_SST_ASSET_ATTR_SIZE
- *
- * \brief Indicates the asset attributes structure size.
- */
-#define TFM_SST_ASSET_ATTR_SIZE sizeof(struct tfm_sst_asset_attrs_t)
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* __TFM_SST_ASSET_DEFS_H__ */
diff --git a/interface/include/tfm_sst_asset_macros.h b/interface/include/tfm_sst_asset_macros.h
deleted file mode 100644
index e97ccbe..0000000
--- a/interface/include/tfm_sst_asset_macros.h
+++ /dev/null
@@ -1,119 +0,0 @@
-/*
- * Copyright (c) 2018, Arm Limited. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- *
- */
-
-#ifndef __TFM_SST_ASSET_MACROS_H__
-#define __TFM_SST_ASSET_MACROS_H__
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#include "tfm_sst_asset_defs.h"
-
-/*!
- * \def TFM_SST_ASSET_IS_ASSET_CAT(sst_def_cat_type, type)
- *
- * \brief Macro to check if the asset category type (type) is equal to the
- * TF-M SST asset defined category types (sst_def_cat_type).
- *
- * \param[in] sst_def_cat_type TF-M SST asset defined category type
- * \param[in] type Asset type
- *
- * \return Returns 1 if the asset type is equal to the TF-M SST asset defined
- * type. Otherwise, it returns 0.
- */
-#define TFM_SST_ASSET_IS_ASSET_CAT(sst_def_cat_type, type) \
- (((type & TFM_SST_ASSET_CAT_VENDOR_DEFINED) != 0) && \
- ((type & TFM_SST_ASSET_CAT_TYPE_MASK) == sst_def_cat_type))
-
-/*!
- * \def TFM_SST_ASSET_IS_ASSET_TYPE(sst_def_type, type)
- *
- * \brief Macro to check if the asset type (type) is equal to the
- * TF-M SST asset defined type (sst_def_type).
- *
- * \param[in] sst_def_type TF-M SST asset defined type
- * \param[in] type Asset type
- *
- * \return Returns 1 if the asset type is equal to the TF-M SST asset defined
- * type. Otherwise, it returns 0.
- */
-#define TFM_SST_ASSET_IS_ASSET_TYPE(sst_def_type, type) \
- (((type & TFM_SST_ASSET_CAT_VENDOR_DEFINED) != 0) && \
- (type == sst_def_type))
-
-/*!
- * \def TFM_SST_ASSET_IS_VENDOR_DEFINED(type)
- *
- * \brief Macro to check if the asset type is vendor defined.
- *
- * \param[in] type Asset type
- *
- * \return Returns 1 if the asset type is equal to TFM_SST_ASSET_VENDOR_DEFINED.
- * Otherwise, it returns 0.
- */
-#define TFM_SST_ASSET_IS_VENDOR_DEFINED(type) \
- ((type & TFM_SST_ASSET_VENDOR_DEFINED) != 0)
-
-/*!
- * \def TFM_SST_ASSET_IS_KEY_TYPE(type)
- *
- * \brief Macro to check if the asset type is a key.
- *
- * \param[in] type Asset type
- *
- * \return Returns 1 if it is a key. Otherwise, it returns 0.
- */
-#define TFM_SST_ASSET_IS_KEY_TYPE(type) \
- ((type & TFM_SST_ASSET_KEY_MASK) != 0)
-
-/*!
- * \def TFM_SST_ASSET_IS_ASYMMETRIC_KEY_TYPE(type)
- *
- * \brief Macro to check if the asset type is a symmetric key.
- *
- * \param[in] type Asset type
- *
- * \return Returns 1 if it is an asymmetric key. Otherwise, it returns 0.
- */
-#define TFM_SST_ASSET_IS_ASYMMETRIC_KEY_TYPE(type) \
- ((type & TFM_SST_ASSET_KEY_ASYMMETRIC_MASK) != 0)
-
-/*!
- * \def TFM_SST_ASSET_HAS_ATTR(sst_def_asset_attr, attrs)
- *
- * \brief Macro to check if the asset attributes (attrs) have a specific TF-M
- * SST asset defined bit attribute (sst_def_asset_attr).
- *
- * \param[in] sst_def_type TF-M SST asset defined bit attribute
- * \param[in] attrs Asset attributes
- *
- * \return Returns 1 if the asset has the TF-M SST asset defined
- * attribute. Otherwise, it returns 0.
- */
-#define TFM_SST_ASSET_HAS_ATTR(sst_def_asset_attr, attrs) \
- (((attrs & sst_def_asset_attr) != 0) && \
- ((attrs & TFM_SST_ASSET_ATTR_VENDOR_DEFINED) == 0))
-
-/*!
- * \def TFM_SST_ASSET_HAS_ATTR_VENDOR_DEFINED(attrs)
- *
- * \brief Macro to check if the asset attributes are vendor defined.
- *
- * \param[in] attrs Asset attributes
- *
- * \return Returns 1 if the asset type is equal to TFM_SST_ASSET_VENDOR_DEFINED.
- * Otherwise, it returns 0.
- */
-#define TFM_SST_ASSET_HAS_ATTR_VENDOR_DEFINED(attrs) \
- ((attrs & TFM_SST_ASSET_ATTR_VENDOR_DEFINED) != 0)
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* __TFM_SST_ASSET_MACROS_H__ */
diff --git a/interface/include/tfm_sst_defs.h b/interface/include/tfm_sst_defs.h
index 5e1f869..09d3b44 100644
--- a/interface/include/tfm_sst_defs.h
+++ b/interface/include/tfm_sst_defs.h
@@ -14,44 +14,7 @@
#include <inttypes.h>
#include <limits.h>
-#include "tfm_api.h"
-#include "tfm_sst_asset_defs.h"
-#include "tfm_sst_asset_macros.h"
-
-/* FIXME: the secure APP ID should not be share with the non-secure code
- * as it is revealing information about secure code implementation.
- */
-#define S_APP_ID 0xF0000000
-
-/* FIXME:
- * Very descriptive error codes can leak implementation
- * information to caller and may allow exploitation
- * of implementation weaknesses by malicious actors.
- * Potential approaches-
- * a. Just return generic error for any kind of failure
- *
- * OR
- *
- * b. Non-secure callers get the generic failure, the
- * secure side callers get a bit more detailed error
- * codes.
- */
-
-/* The return value is shared with the TFM service status value. The SST return
- * codes shouldn't overlap with predefined TFM status values.
- */
-#define TFM_SST_ERR_OFFSET (TFM_PARTITION_SPECIFIC_ERROR_MIN)
-
-enum tfm_sst_err_t {
- TFM_SST_ERR_SUCCESS = 0,
- TFM_SST_ERR_ASSET_NOT_PREPARED = TFM_SST_ERR_OFFSET,
- TFM_SST_ERR_ASSET_NOT_FOUND,
- TFM_SST_ERR_PARAM_ERROR,
- TFM_SST_ERR_STORAGE_SYSTEM_FULL,
- TFM_SST_ERR_SYSTEM_ERROR,
- /* Following entry is only to ensure the error code of int size */
- TFM_SST_ERR_FORCE_INT_SIZE = INT_MAX
-};
+#include "psa_sst_api.h"
/*!
* \struct tfm_sst_token_t
diff --git a/interface/include/tfm_sst_svc_handler.h b/interface/include/tfm_sst_svc_handler.h
index 0cfb4ed..57e2734 100644
--- a/interface/include/tfm_sst_svc_handler.h
+++ b/interface/include/tfm_sst_svc_handler.h
@@ -21,10 +21,10 @@
* \param[in] asset_uuid Asset UUID \ref tfm_sst_asset_id_t
* \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
*
- * \return Returns an TFM_SST_ERR_SUCCESS if asset is created correctly.
- * Otherwise, error code as specified in \ref tfm_sst_err_t
+ * \return Returns an PSA_SST_ERR_SUCCESS if asset is created correctly.
+ * Otherwise, error code as specified in \ref psa_sst_err_t
*/
-enum tfm_sst_err_t tfm_sst_svc_create(uint32_t asset_uuid,
+enum psa_sst_err_t tfm_sst_svc_create(uint32_t asset_uuid,
const struct tfm_sst_token_t *s_token);
/**
@@ -33,26 +33,26 @@
* \param[in] asset_uuid Asset UUID
* \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
* \param[out] info Pointer to store the asset's information
- * \ref tfm_sst_asset_info_t
+ * \ref psa_sst_asset_info_t
*
- * \return Returns error code as specified in \ref tfm_sst_err_t
+ * \return Returns error code as specified in \ref psa_sst_err_t
*/
-enum tfm_sst_err_t tfm_sst_svc_get_info(uint32_t asset_uuid,
+enum psa_sst_err_t tfm_sst_svc_get_info(uint32_t asset_uuid,
const struct tfm_sst_token_t *s_token,
- struct tfm_sst_asset_info_t *info);
+ struct psa_sst_asset_info_t *info);
/**
* \brief SVC funtion to get asset's attributes referenced by asset UUID.
*
* \param[in] asset_uuid Asset UUID
* \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
* \param[out] attrs Pointer to store the asset's attributes
- * \ref tfm_sst_asset_attrs_t
+ * \ref psa_sst_asset_attrs_t
*
- * \return Returns error code as specified in \ref tfm_sst_err_t
+ * \return Returns error code as specified in \ref psa_sst_err_t
*/
-enum tfm_sst_err_t tfm_sst_svc_get_attributes(uint32_t asset_uuid,
+enum psa_sst_err_t tfm_sst_svc_get_attributes(uint32_t asset_uuid,
const struct tfm_sst_token_t *s_token,
- struct tfm_sst_asset_attrs_t *attrs);
+ struct psa_sst_asset_attrs_t *attrs);
/**
* \brief SVC funtion to set asset's attributes referenced by asset UUID.
@@ -60,13 +60,13 @@
* \param[in] asset_uuid Asset UUID
* \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
* \param[in] attrs Pointer to new the asset's attributes
- * \ref tfm_sst_asset_attrs_t
+ * \ref psa_sst_asset_attrs_t
*
- * \return Returns error code as specified in \ref tfm_sst_err_t
+ * \return Returns error code as specified in \ref psa_sst_err_t
*/
-enum tfm_sst_err_t tfm_sst_svc_set_attributes(uint32_t asset_uuid,
+enum psa_sst_err_t tfm_sst_svc_set_attributes(uint32_t asset_uuid,
const struct tfm_sst_token_t *s_token,
- const struct tfm_sst_asset_attrs_t *attrs);
+ const struct psa_sst_asset_attrs_t *attrs);
/**
* \brief SVC funtion to read asset's data from asset referenced by asset UUID.
@@ -76,9 +76,9 @@
* \param[out] data Pointer to data vector \ref tfm_sst_buf_t to store
* data, size and offset
*
- * \return Returns error code as specified in \ref tfm_sst_err_t
+ * \return Returns error code as specified in \ref psa_sst_err_t
*/
-enum tfm_sst_err_t tfm_sst_svc_read(uint32_t asset_uuid,
+enum psa_sst_err_t tfm_sst_svc_read(uint32_t asset_uuid,
const struct tfm_sst_token_t *s_token,
struct tfm_sst_buf_t* data);
@@ -90,9 +90,9 @@
* \param[in] data Pointer to data vector \ref tfm_sst_buf_t which
* contains the data to write
*
- * \return Returns error code as specified in \ref tfm_sst_err_t
+ * \return Returns error code as specified in \ref psa_sst_err_t
*/
-enum tfm_sst_err_t tfm_sst_svc_write(uint32_t asset_uuid,
+enum psa_sst_err_t tfm_sst_svc_write(uint32_t asset_uuid,
const struct tfm_sst_token_t *s_token,
struct tfm_sst_buf_t* data);
@@ -102,9 +102,9 @@
* \param[in] asset_uuid Asset UUID
* \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
*
- * \return Returns error code as specified in \ref tfm_sst_err_t
+ * \return Returns error code as specified in \ref psa_sst_err_t
*/
-enum tfm_sst_err_t tfm_sst_svc_delete(uint32_t asset_uuid,
+enum psa_sst_err_t tfm_sst_svc_delete(uint32_t asset_uuid,
const struct tfm_sst_token_t *s_token);
#ifdef __cplusplus
diff --git a/interface/include/tfm_sst_veneers.h b/interface/include/tfm_sst_veneers.h
index 95a6b17..80bb3eb 100644
--- a/interface/include/tfm_sst_veneers.h
+++ b/interface/include/tfm_sst_veneers.h
@@ -22,16 +22,15 @@
* \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
* \param[in] asset_uuid Asset UUID \ref tfm_sst_asset_id_t
*
- * \return Returns TFM_SST_ERR_SUCCESS if the asset has been created correctly.
+ * \return Returns PSA_SST_ERR_SUCCESS if the asset has been created correctly.
* If SST area is not prepared, it returns
- * TFM_SST_ERR_ASSET_NOT_PREPARED. If SST area is full, it returns
- * TFM_SST_ERR_STORAGE_SYSTEM_FULL. If application id doesn't have the
- * write rights, it returns TFM_SST_ERR_PERMS_NOT_ALLOWED.
+ * PSA_SST_ERR_ASSET_NOT_PREPARED. If SST area is full, it returns
+ * PSA_SST_ERR_STORAGE_SYSTEM_FULL. If application id doesn't have the
+ * write rights, it returns PSA_SST_ERR_PERMS_NOT_ALLOWED.
*/
-enum tfm_sst_err_t tfm_sst_veneer_create(uint32_t app_id, uint32_t asset_uuid,
+enum psa_sst_err_t tfm_sst_veneer_create(uint32_t app_id, uint32_t asset_uuid,
const struct tfm_sst_token_t *s_token);
-
/**
* \brief Gets asset's information referenced by asset UUID.
*
@@ -39,13 +38,13 @@
* \param[in] asset_uuid Asset UUID
* \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
* \param[out] info Pointer to store the asset's information
- * \ref tfm_sst_asset_info_t
+ * \ref psa_sst_asset_info_t
*
- * \return Returns error code as specified in \ref tfm_sst_err_t
+ * \return Returns error code as specified in \ref psa_sst_err_t
*/
-enum tfm_sst_err_t tfm_sst_veneer_get_info(uint32_t app_id, uint32_t asset_uuid,
+enum psa_sst_err_t tfm_sst_veneer_get_info(uint32_t app_id, uint32_t asset_uuid,
const struct tfm_sst_token_t *s_token,
- struct tfm_sst_asset_info_t *info);
+ struct psa_sst_asset_info_t *info);
/**
* \brief Gets asset's attributes referenced by asset UUID.
@@ -56,12 +55,12 @@
* \param[out] attrs Pointer to store the asset's attributes
* \ref tfm_sst_asset_attrs_t
*
- * \return Returns error code as specified in \ref tfm_sst_err_t
+ * \return Returns error code as specified in \ref psa_sst_err_t
*/
-enum tfm_sst_err_t tfm_sst_veneer_get_attributes(uint32_t app_id,
+enum psa_sst_err_t tfm_sst_veneer_get_attributes(uint32_t app_id,
uint32_t asset_uuid,
const struct tfm_sst_token_t *s_token,
- struct tfm_sst_asset_attrs_t *attrs);
+ struct psa_sst_asset_attrs_t *attrs);
/**
* \brief Sets asset's attributes referenced by asset UUID.
@@ -70,14 +69,14 @@
* \param[in] asset_uuid Asset UUID
* \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
* \param[in] attrs Pointer to new the asset's attributes
- * \ref tfm_sst_asset_attrs_t
+ * \ref psa_sst_asset_attrs_t
*
- * \return Returns error code as specified in \ref tfm_sst_err_t
+ * \return Returns error code as specified in \ref psa_sst_err_t
*/
-enum tfm_sst_err_t tfm_sst_veneer_set_attributes(uint32_t app_id,
+enum psa_sst_err_t tfm_sst_veneer_set_attributes(uint32_t app_id,
uint32_t asset_uuid,
const struct tfm_sst_token_t *s_token,
- const struct tfm_sst_asset_attrs_t *attrs);
+ const struct psa_sst_asset_attrs_t *attrs);
/**
* \brief Reads asset's data from asset referenced by asset UUID.
@@ -88,10 +87,10 @@
* \param[in/out] data Pointer to data vector \ref tfm_sst_buf_t to
* store data, size and offset
*
- * \return Returns the number of bytes written or a castable \ref tfm_sst_err_t
+ * \return Returns the number of bytes written or a castable \ref psa_sst_err_t
* value
*/
-enum tfm_sst_err_t tfm_sst_veneer_read(uint32_t app_id, uint32_t asset_uuid,
+enum psa_sst_err_t tfm_sst_veneer_read(uint32_t app_id, uint32_t asset_uuid,
const struct tfm_sst_token_t *s_token,
struct tfm_sst_buf_t *data);
@@ -104,10 +103,10 @@
* \param[in] data Pointer to data vector \ref tfm_sst_buf_t which
* contains the data to write
*
- * \return Returns the number of bytes written or a castable \ref tfm_sst_err_t
+ * \return Returns the number of bytes written or a castable \ref psa_sst_err_t
* value
*/
-enum tfm_sst_err_t tfm_sst_veneer_write(uint32_t app_id, uint32_t asset_uuid,
+enum psa_sst_err_t tfm_sst_veneer_write(uint32_t app_id, uint32_t asset_uuid,
const struct tfm_sst_token_t *s_token,
struct tfm_sst_buf_t *data);
@@ -118,13 +117,12 @@
* \param[in] asset_uuid Asset UUID
* \param[in] s_token Pointer to the asset's token \ref tfm_sst_token_t
*
- * \return Returns TFM_SST_ERR_PERMS_NOT_ALLOWED if the asset can't be deleted
- * to by this app ID. Returns TFM_SST_ERR_ASSET_REF_INVALID, if asset
- * no longer exists. Otherwise, TFM_SST_ERR_SUCCESS.
+ * \return Returns PSA_SST_ERR_PERMS_NOT_ALLOWED if the asset can't be deleted
+ * to by this app ID. Returns PSA_SST_ERR_ASSET_REF_INVALID, if asset
+ * no longer exists. Otherwise, PSA_SST_ERR_SUCCESS.
*/
-enum tfm_sst_err_t tfm_sst_veneer_delete(uint32_t app_id, uint32_t asset_uuid,
+enum psa_sst_err_t tfm_sst_veneer_delete(uint32_t app_id, uint32_t asset_uuid,
const struct tfm_sst_token_t *s_token);
-
#ifdef __cplusplus
}
#endif
diff --git a/interface/src/tfm_sst_api.c b/interface/src/tfm_sst_api.c
index 6af6320..790435f 100644
--- a/interface/src/tfm_sst_api.c
+++ b/interface/src/tfm_sst_api.c
@@ -8,7 +8,7 @@
#include "tfm_sst_defs.h"
#include "tfm_ns_lock.h"
-enum tfm_sst_err_t tfm_sst_create(uint32_t asset_uuid, const uint8_t* token,
+enum psa_sst_err_t psa_sst_create(uint32_t asset_uuid, const uint8_t* token,
uint32_t token_size)
{
struct tfm_sst_token_t s_token;
@@ -24,10 +24,10 @@
0);
}
-enum tfm_sst_err_t tfm_sst_get_info(uint32_t asset_uuid,
+enum psa_sst_err_t psa_sst_get_info(uint32_t asset_uuid,
const uint8_t* token,
uint32_t token_size,
- struct tfm_sst_asset_info_t *info)
+ struct psa_sst_asset_info_t *info)
{
struct tfm_sst_token_t s_token;
@@ -42,10 +42,10 @@
0);
}
-enum tfm_sst_err_t tfm_sst_get_attributes(uint32_t asset_uuid,
+enum psa_sst_err_t psa_sst_get_attributes(uint32_t asset_uuid,
const uint8_t* token,
uint32_t token_size,
- struct tfm_sst_asset_attrs_t *attrs)
+ struct psa_sst_asset_attrs_t *attrs)
{
struct tfm_sst_token_t s_token;
@@ -60,10 +60,10 @@
0);
}
-enum tfm_sst_err_t tfm_sst_set_attributes(uint32_t asset_uuid,
+enum psa_sst_err_t psa_sst_set_attributes(uint32_t asset_uuid,
const uint8_t* token,
uint32_t token_size,
- const struct tfm_sst_asset_attrs_t *attrs)
+ const struct psa_sst_asset_attrs_t *attrs)
{
struct tfm_sst_token_t s_token;
@@ -78,7 +78,7 @@
0);
}
-enum tfm_sst_err_t tfm_sst_read(uint32_t asset_uuid,
+enum psa_sst_err_t psa_sst_read(uint32_t asset_uuid,
const uint8_t* token,
uint32_t token_size,
uint32_t size,
@@ -104,7 +104,7 @@
0);
}
-enum tfm_sst_err_t tfm_sst_write(uint32_t asset_uuid,
+enum psa_sst_err_t psa_sst_write(uint32_t asset_uuid,
const uint8_t* token,
uint32_t token_size,
uint32_t size,
@@ -130,7 +130,7 @@
0);
}
-enum tfm_sst_err_t tfm_sst_delete(uint32_t asset_uuid,
+enum psa_sst_err_t psa_sst_delete(uint32_t asset_uuid,
const uint8_t* token,
uint32_t token_size)
{
diff --git a/interface/src/tfm_sst_svc_handler.c b/interface/src/tfm_sst_svc_handler.c
index 8277169c..27b4d90 100644
--- a/interface/src/tfm_sst_svc_handler.c
+++ b/interface/src/tfm_sst_svc_handler.c
@@ -11,7 +11,7 @@
#include "tfm_id_mngr.h"
/* SVC function implementations */
-enum tfm_sst_err_t tfm_sst_svc_create(uint32_t asset_uuid,
+enum psa_sst_err_t tfm_sst_svc_create(uint32_t asset_uuid,
const struct tfm_sst_token_t *s_token)
{
uint32_t app_id;
@@ -21,9 +21,9 @@
return tfm_sst_veneer_create(app_id, asset_uuid, s_token);
}
-enum tfm_sst_err_t tfm_sst_svc_get_info(uint32_t asset_uuid,
+enum psa_sst_err_t tfm_sst_svc_get_info(uint32_t asset_uuid,
const struct tfm_sst_token_t *s_token,
- struct tfm_sst_asset_info_t *info)
+ struct psa_sst_asset_info_t *info)
{
uint32_t app_id;
@@ -32,9 +32,9 @@
return tfm_sst_veneer_get_info(app_id, asset_uuid, s_token, info);
}
-enum tfm_sst_err_t tfm_sst_svc_get_attributes(uint32_t asset_uuid,
+enum psa_sst_err_t tfm_sst_svc_get_attributes(uint32_t asset_uuid,
const struct tfm_sst_token_t *s_token,
- struct tfm_sst_asset_attrs_t *attrs)
+ struct psa_sst_asset_attrs_t *attrs)
{
uint32_t app_id;
@@ -43,9 +43,9 @@
return tfm_sst_veneer_get_attributes(app_id, asset_uuid, s_token, attrs);
}
-enum tfm_sst_err_t tfm_sst_svc_set_attributes(uint32_t asset_uuid,
+enum psa_sst_err_t tfm_sst_svc_set_attributes(uint32_t asset_uuid,
const struct tfm_sst_token_t *s_token,
- const struct tfm_sst_asset_attrs_t *attrs)
+ const struct psa_sst_asset_attrs_t *attrs)
{
uint32_t app_id;
@@ -54,7 +54,7 @@
return tfm_sst_veneer_set_attributes(app_id, asset_uuid, s_token, attrs);
}
-enum tfm_sst_err_t tfm_sst_svc_read(uint32_t asset_uuid,
+enum psa_sst_err_t tfm_sst_svc_read(uint32_t asset_uuid,
const struct tfm_sst_token_t *s_token,
struct tfm_sst_buf_t* data)
{
@@ -65,7 +65,7 @@
return tfm_sst_veneer_read(app_id, asset_uuid, s_token, data);
}
-enum tfm_sst_err_t tfm_sst_svc_write(uint32_t asset_uuid,
+enum psa_sst_err_t tfm_sst_svc_write(uint32_t asset_uuid,
const struct tfm_sst_token_t *s_token,
struct tfm_sst_buf_t* data)
{
@@ -76,7 +76,7 @@
return tfm_sst_veneer_write(app_id, asset_uuid, s_token, data);
}
-enum tfm_sst_err_t tfm_sst_svc_delete(uint32_t asset_uuid,
+enum psa_sst_err_t tfm_sst_svc_delete(uint32_t asset_uuid,
const struct tfm_sst_token_t *s_token)
{
uint32_t app_id;