| Antonio de Angelis | 12bc645 | 2018-08-01 10:24:50 +0100 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (c) 2018, Arm Limited. All rights reserved. |
| 3 | * |
| 4 | * SPDX-License-Identifier: BSD-3-Clause |
| 5 | * |
| 6 | */ |
| 7 | |
| 8 | #ifndef __PSA_AUDIT_API__ |
| 9 | #define __PSA_AUDIT_API__ |
| 10 | |
| 11 | /** |
| 12 | * \brief PSA AUDIT API version |
| 13 | */ |
| 14 | #define PSA_AUDIT_API_VERSION_MAJOR (0) |
| 15 | #define PSA_AUDIT_API_VERSION_MINOR (1) |
| 16 | |
| 17 | #include "psa_audit_defs.h" |
| 18 | |
| 19 | #ifdef __cplusplus |
| 20 | extern "C" { |
| 21 | #endif |
| 22 | |
| 23 | /** |
| 24 | * \brief Retrieves a record at the specified index |
| 25 | * |
| 26 | * \details The function retrieves an item specified by index and returns |
| 27 | * it on the buffer provided. The token is passed as a challenge |
| 28 | * value for the encryption scheme |
| 29 | * |
| 30 | * \note Currently the cryptography support is not yet enabled, so the |
| 31 | * token value is not used and must be passed as NULL, with 0 size |
| 32 | * |
| 33 | * \param[in] record_index Index of the record to retrieve |
| 34 | * \param[in] buffer_size Size in bytes of the provided buffer |
| 35 | * \param[in] token Must be set to NULL. Token used as a challenge |
| 36 | * for encryption, to protect against rollback |
| 37 | * attacks |
| 38 | * \param[in] token_size Must be set to 0. Size in bytes of the token |
| 39 | * used as challenge |
| 40 | * \param[out] buffer Buffer used to store the retrieved record |
| 41 | * \param[out] record_size Size in bytes of the retrieved record |
| 42 | * |
| 43 | * \return Returns values as specified by the \ref psa_audit_err |
| 44 | * |
| 45 | */ |
| 46 | enum psa_audit_err psa_audit_retrieve_record(const uint32_t record_index, |
| 47 | const uint32_t buffer_size, |
| 48 | const uint8_t *token, |
| 49 | const uint32_t token_size, |
| 50 | uint8_t *buffer, |
| 51 | uint32_t *record_size); |
| 52 | /** |
| 53 | * \brief Returns the total number and size of the records stored |
| 54 | * |
| 55 | * \details The function returns the total size in bytes and the |
| 56 | * total number of records stored |
| 57 | * |
| 58 | * \param[out] num_records Total number of records stored |
| 59 | * \param[out] size Total size of the records stored, in bytes |
| 60 | * |
| 61 | * \return Returns values as specified by the \ref psa_audit_err |
| 62 | * |
| 63 | */ |
| 64 | enum psa_audit_err psa_audit_get_info(uint32_t *num_records, uint32_t *size); |
| 65 | |
| 66 | /** |
| 67 | * \brief Returns the size of the record at the specified index |
| 68 | * |
| 69 | * \details The function returns the size of the record at the given index |
| 70 | * provided as input |
| 71 | * |
| 72 | * \param[in] record_index Index of the record to return the size |
| 73 | * \param[out] size Size of the specified record, in bytes |
| 74 | * |
| 75 | * \return Returns values as specified by the \ref psa_audit_err |
| 76 | * |
| 77 | */ |
| 78 | enum psa_audit_err psa_audit_get_record_info(const uint32_t record_index, |
| 79 | uint32_t *size); |
| 80 | |
| 81 | /** |
| 82 | * \brief Deletes a record at the specified index |
| 83 | * |
| 84 | * \details The function removes a record at the specified index. It passes |
| 85 | * an authorisation token for removal which is a MAC of the plain text |
| 86 | * |
| 87 | * \note Currently the cryptography support is not yet enabled, so the |
| 88 | * token value is not used and must be passed as NULL, with 0 size |
| 89 | * |
| 90 | * \note This is an experimental API function |
| 91 | * |
| 92 | * \param[in] record_index Index of the record to be removed. Currently, only |
| 93 | * the removal of the oldest entry, i.e. record_index 0 |
| 94 | * is supported |
| 95 | * \param[in] token Must be set to NULL. Token used as authorisation for |
| 96 | * removal of the specified record_index |
| 97 | * \param[in] token_size Must be set to 0. Size in bytes of the token used as |
| 98 | * authorisation for removal |
| 99 | * |
| 100 | * \return Returns values as specified by the \ref psa_audit_err |
| 101 | * |
| 102 | */ |
| 103 | enum psa_audit_err psa_audit_delete_record(const uint32_t record_index, |
| 104 | const uint8_t *token, |
| 105 | const uint32_t token_size); |
| 106 | /** |
| 107 | * \brief Adds a record |
| 108 | * |
| 109 | * \details This function adds a record. This is a Secure only callable function |
| 110 | * |
| 111 | * \note This is a Secure only callable API, Non-Secure calls will |
| 112 | * always return error |
| 113 | * |
| 114 | * \param[in] record Pointer to the memory buffer containing the record |
| 115 | * to be added |
| 116 | * |
| 117 | * \return Returns values as specified by the \ref psa_audit_err |
| 118 | * |
| 119 | */ |
| 120 | enum psa_audit_err psa_audit_add_record(const struct psa_audit_record *record); |
| 121 | |
| 122 | #ifdef __cplusplus |
| 123 | } |
| 124 | #endif |
| 125 | |
| 126 | #endif /* __PSA_AUDIT_API__ */ |