TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / TF-M / trusted-firmware-m / 710acf56a58942018e7517f60e20d54e7b851a99 / . / interface / include / psa_audit_api.h
blob: d55a0572acaae17523c395e956e567238787eb80 [file] [log] [blame]
Antonio de Angelis12bc6452018-08-01 10:24:50 +0100[diff] [blame]1/*
Antonio de Angelisab000e82019-07-09 15:05:22 +0100[diff] [blame]2 * Copyright (c) 2018-2019, Arm Limited. All rights reserved.
Antonio de Angelis12bc6452018-08-01 10:24:50 +0100[diff] [blame]3 *
4 * SPDX-License-Identifier: BSD-3-Clause
5 *
6 */
7
8#ifndef __PSA_AUDIT_API__
9#define __PSA_AUDIT_API__
10
11/**
12 * \brief PSA AUDIT API version
13 */
14#define PSA_AUDIT_API_VERSION_MAJOR (0)
15#define PSA_AUDIT_API_VERSION_MINOR (1)
16
17#include "psa_audit_defs.h"
Antonio de Angelisab000e82019-07-09 15:05:22 +0100[diff] [blame]18#include "psa/error.h"
Antonio de Angelis12bc6452018-08-01 10:24:50 +0100[diff] [blame]19
20#ifdef __cplusplus
21extern "C" {
22#endif
23
24/**
25 * \brief Retrieves a record at the specified index
26 *
27 * \details The function retrieves an item specified by index and returns
28 * it on the buffer provided. The token is passed as a challenge
29 * value for the encryption scheme
30 *
31 * \note Currently the cryptography support is not yet enabled, so the
32 * token value is not used and must be passed as NULL, with 0 size
33 *
34 * \param[in] record_index Index of the record to retrieve
35 * \param[in] buffer_size Size in bytes of the provided buffer
36 * \param[in] token Must be set to NULL. Token used as a challenge
37 * for encryption, to protect against rollback
38 * attacks
39 * \param[in] token_size Must be set to 0. Size in bytes of the token
40 * used as challenge
41 * \param[out] buffer Buffer used to store the retrieved record
42 * \param[out] record_size Size in bytes of the retrieved record
43 *
Antonio de Angelisab000e82019-07-09 15:05:22 +0100[diff] [blame]44 * \return Returns values as specified by the \ref psa_status_t
Antonio de Angelis12bc6452018-08-01 10:24:50 +0100[diff] [blame]45 *
46 */
Antonio de Angelisab000e82019-07-09 15:05:22 +0100[diff] [blame]47psa_status_t psa_audit_retrieve_record(const uint32_t record_index,
48 const uint32_t buffer_size,
49 const uint8_t *token,
50 const uint32_t token_size,
51 uint8_t *buffer,
52 uint32_t *record_size);
Antonio de Angelis12bc6452018-08-01 10:24:50 +0100[diff] [blame]53/**
54 * \brief Returns the total number and size of the records stored
55 *
56 * \details The function returns the total size in bytes and the
57 * total number of records stored
58 *
59 * \param[out] num_records Total number of records stored
60 * \param[out] size Total size of the records stored, in bytes
61 *
Antonio de Angelisab000e82019-07-09 15:05:22 +0100[diff] [blame]62 * \return Returns values as specified by the \ref psa_status_t
Antonio de Angelis12bc6452018-08-01 10:24:50 +0100[diff] [blame]63 *
64 */
Antonio de Angelisab000e82019-07-09 15:05:22 +0100[diff] [blame]65psa_status_t psa_audit_get_info(uint32_t *num_records, uint32_t *size);
Antonio de Angelis12bc6452018-08-01 10:24:50 +0100[diff] [blame]66
67/**
68 * \brief Returns the size of the record at the specified index
69 *
70 * \details The function returns the size of the record at the given index
71 * provided as input
72 *
73 * \param[in] record_index Index of the record to return the size
74 * \param[out] size Size of the specified record, in bytes
75 *
Antonio de Angelisab000e82019-07-09 15:05:22 +0100[diff] [blame]76 * \return Returns values as specified by the \ref psa_status_t
Antonio de Angelis12bc6452018-08-01 10:24:50 +0100[diff] [blame]77 *
78 */
Antonio de Angelisab000e82019-07-09 15:05:22 +0100[diff] [blame]79psa_status_t psa_audit_get_record_info(const uint32_t record_index,
80 uint32_t *size);
Antonio de Angelis12bc6452018-08-01 10:24:50 +0100[diff] [blame]81
82/**
83 * \brief Deletes a record at the specified index
84 *
85 * \details The function removes a record at the specified index. It passes
86 * an authorisation token for removal which is a MAC of the plain text
87 *
88 * \note Currently the cryptography support is not yet enabled, so the
89 * token value is not used and must be passed as NULL, with 0 size
90 *
91 * \note This is an experimental API function
92 *
93 * \param[in] record_index Index of the record to be removed. Currently, only
94 * the removal of the oldest entry, i.e. record_index 0
95 * is supported
96 * \param[in] token Must be set to NULL. Token used as authorisation for
97 * removal of the specified record_index
98 * \param[in] token_size Must be set to 0. Size in bytes of the token used as
99 * authorisation for removal
100 *
Antonio de Angelisab000e82019-07-09 15:05:22 +0100[diff] [blame]101 * \return Returns values as specified by the \ref psa_status_t
Antonio de Angelis12bc6452018-08-01 10:24:50 +0100[diff] [blame]102 *
103 */
Antonio de Angelisab000e82019-07-09 15:05:22 +0100[diff] [blame]104psa_status_t psa_audit_delete_record(const uint32_t record_index,
105 const uint8_t *token,
106 const uint32_t token_size);
Antonio de Angelis12bc6452018-08-01 10:24:50 +0100[diff] [blame]107/**
108 * \brief Adds a record
109 *
110 * \details This function adds a record. This is a Secure only callable function
111 *
112 * \note This is a Secure only callable API, Non-Secure calls will
113 * always return error
114 *
115 * \param[in] record Pointer to the memory buffer containing the record
116 * to be added
117 *
Antonio de Angelisab000e82019-07-09 15:05:22 +0100[diff] [blame]118 * \return Returns values as specified by the \ref psa_status_t
Antonio de Angelis12bc6452018-08-01 10:24:50 +0100[diff] [blame]119 *
120 */
Antonio de Angelisab000e82019-07-09 15:05:22 +0100[diff] [blame]121psa_status_t psa_audit_add_record(const struct psa_audit_record *record);
Antonio de Angelis12bc6452018-08-01 10:24:50 +0100[diff] [blame]122
123#ifdef __cplusplus
124}
125#endif
126
127#endif /* __PSA_AUDIT_API__ */