Attest: Implement API to get attestation public key
Implement non-secure interface function for IPC and library models and
secure interface function to get the public part of the attestation
key pair.
Add public key getter secure function / service to Initial Attestation
partition manifest.
Change-Id: Idae5f5d5d645afa6d3c7e62e9169387e57932137
Signed-off-by: David Vincze <david.vincze@arm.com>
diff --git a/interface/src/tfm_initial_attestation_func_api.c b/interface/src/tfm_initial_attestation_func_api.c
index c391f61..7292df5 100644
--- a/interface/src/tfm_initial_attestation_func_api.c
+++ b/interface/src/tfm_initial_attestation_func_api.c
@@ -9,6 +9,7 @@
#include "tfm_veneers.h"
#include "tfm_ns_interface.h"
#include "psa/client.h"
+#include "psa/crypto_types.h"
#define IOVEC_LEN(x) (sizeof(x)/sizeof(x[0]))
@@ -56,3 +57,25 @@
(uint32_t)in_vec, IOVEC_LEN(in_vec),
(uint32_t)out_vec, IOVEC_LEN(out_vec));
}
+
+enum psa_attest_err_t
+tfm_initial_attest_get_public_key(uint8_t *public_key,
+ size_t public_key_buf_size,
+ size_t *public_key_len,
+ psa_ecc_curve_t *elliptic_curve_type)
+{
+ int32_t res;
+
+ psa_outvec out_vec[] = {
+ {.base = public_key, .len = public_key_buf_size},
+ {.base = elliptic_curve_type, .len = sizeof(*elliptic_curve_type)},
+ {.base = public_key_len, .len = sizeof(*public_key_len)}
+ };
+
+ res = tfm_ns_interface_dispatch(
+ (veneer_fn)tfm_initial_attest_get_public_key_veneer,
+ (uint32_t)NULL, 0,
+ (uint32_t)out_vec, IOVEC_LEN(out_vec));
+
+ return (enum psa_attest_err_t)res;
+}